https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Security


Security Central: WannaCry Ransomware, Microsoft Implores Government to Regulate IoT

  • Written by Allison Francis
  • May 18, 2017
This week’s Security Central takes a look at the WannaCry ransomware, examines Microsoft’s IoT plea to the government, and peeks inside a revealing Code42 study about corporate bosses and data security.

It was the ransomware heard round the world. The WannaCry virus burst onto the scene last Friday, wreaking havoc on major organizations like FedEx, the National Health Service (NHS), Spain’s telecom company Telefonica and others, according to Fortune. It was all shut down, though, when a cybersecurity researcher from the U.K. known as “MalwareTech” discovered a “kill switch” in the software, effectively containing the spread of the attack. 

The attack has thrown into sharp relief the undeniable need for governments and organizations to beef up their security infrastructure, a badly-needed and overdue fix. In addition, it’s a call to mandate security updates and educate lawmakers about the intricacies of cybersecurity.

To articulate that argument even further, experts are saying that new versions of the virus are expected – ones that may not be so “easily” shut down. In Friday’s attack, the infected computers for the most part appeared to be out-of-date devices that organizations had deemed not worth upgrading, and in some cases, manufacturing or hospital machines with functions too difficult to patch without disrupting crucial operations. (As reported by Wharton School of the University of Pennsylvania).

Michael Greenberger, law professor at the University of Maryland and founder and director of its Center of Health and Homeland Security, says that the attack brings to light the dangers of using outdated software. “As the devastation of these events takes place, you are going to see more insistence on the following of practices that keep software updated,” says Greenberger. “Mandating that certain software be [updated] may sound rough to the ear, but when you see people dying on the operating table because the software is inadequate, [such mandates will] become much more acceptable.” 

Experts everywhere are stressing the extreme need for software updates and patches, and the dire consequences if these systems go unchecked/untouched. As if WannaCry wasn’t enough of a wake-up call… Even further, some experts are saying that old school anti-virus methods just won’t cut it anymore.

“Traditional anti-virus that relies on signatures and patches is dead, and the WannaCry malware sweeping the globe is the proof,” says Melih Abdulhayoglu, CEO of Comodo. “The only answer to stopping malware is to start virtualization for hard drive, registry and com interfaces of unknown executable files as soon as they hit the device or the network.” Yet another lesson to drive home the point for vendors to make sure their products have all the appropriate cybersecurity safeguards in place.

Our second story touches on two of our most talked about topics at once – Microsoft and the Internet of Things. It’s almost silly at this point to say that the IoT is growing rapidly. This is not new information. It’s also not new to say that there is a great need for the development of cybersecurity policies to support the rapid growth of the IoT. However, now Microsoft is putting its weight behind the concept, and is calling on the government to to get involved.

According to Talkin’ Cloud, the tech giant is urging the government to regulate privacy and security in the IoT market, a huge growth area for the company’s cloud business.

Sam George, Microsoft’s director of engineering for Azure IoT, stated on Tuesday during a panel at IoT World that government will have to get involved in IoT security. As companies clamor to push their products in the hot new(ish) IoT market, security is, inevitably becoming one of the biggest challenges in the budding space. Currently the “bar is low” for IoT security, George said.

There are a few federal agencies that already regulate some areas of the IoT market, according to a comprehensive report on IoT by the Government Accountability Office released earlier this month. Both federal and executive branches of the US government have been considering regulation of IoT devices or data, and ongoing efforts are occurring to review/asses the government’s role in IoT. 

Johnson & Johnson CIO Stuart McGuigan states that the increase in and severity of large-scale attacks means regulation in the IoT space is inevitable. As the number of connected devices continues to grow at a dizzying pace and attacks get more advanced, there will very likely be a demand for laws that will govern the way IoT networks are handled and protected. 

Our last story takes a look at a study recently conducted by endpoint data protection company, Code42. On Tuesday, the company released the results of its CTRL-Z study that compares behaviors and concerns on cyber security between business decision makers and IT decision makers. Some of the top findings include:
 
CEOs are top perpetrators of shadow IT and they know it’s a risk

  • 75% of CEOs and more than half (52%) of business decision makers (BDMs) admit that they use applications/programs that are not approved by their IT department
  • This is despite 91% of CEOs and 83% of BDMs acknowledging that their behaviors could be considered a security risk to their organization

 Business decision makers are now more concerned than IT leaders about a major data breach

  • 51% of business decision makers have had a security breach within the last 18 months, and of the 45% that haven’t had a breach 88% said there is a risk of one going public in the next 12 months
  • Yet, IT decision makers are more confident. According to this group of respondents, only 45% of companies have experienced a breach in the last year and a half, and of the 50% that haven’t only 18% believe there is a risk of a breach that could go public in the next 12 months

 The majority of Business Decision Makers choose convenience over security

  • Almost two thirds (65%) of BDMs would use an unapproved program/application because it would improve their productivity, over half (52%) would do it to make their lives easier and more than a quarter (27%) would do it because they don’t believe IT knows that it takes to get their jobs done
  • At the same time, 83% of business decision makers admit that their actions would be considered a security risk to their organizations

“Modern enterprises are fighting an internal battle between the need for productivity and the need for security,” said Rick Orloff, VP and CSO at Code42. “By using unauthorized programs and applications, business leadership is challenging the very security strategies they demanded be put in place. This makes it clear that a prevention-based approach to security is not sufficient; recovery must be at the core of your strategy.”

The views expressed in this column do not necessarily reflect the views of Penton Media or The VAR Guy editorial staff.

Tags: Cloud Service Providers Digital Service Providers MSPs VARs/SIs Security

Related


  • ldquoAlliant was fortunate enough to actually be in the control of their production with NetBond so we had already made a sale and we turned the service up to one of our customers We sold the connection to Microsoft Manager It was the very first one sold through the Partner Exchange and we turned it up with absolutely no problem at all It39s a very valuable tool to help add value to the MPLS network that they have Customers today are trying to determine do they keep their MPLS or do they move t
    Why Fortinet for my MSSP?
    With hundreds of thousands of customer nodes under management, and billions of dollars of assets under their protection, the world’s top MSSPs hold their firewalls to extremely high standards for reliability, functionality, and flexibility. Read on to learn why Fortinet stands above the crowd of security vendors when considering solutions to address their complex requirements. […]
  • security centric
    Small and Mid-Size Business Security: 4 Steps to Success
    SMBs are attractive targets for hackers, and in the modern age, weak security can put a stop to both of those things. Not to fear though as SMBs, even with limited budgets and manpower, can significantly reduce their risk by using the right technologies that were designed to work together and offer strong protection while […]
  • Endpoint protection MSP
    How SMBs Can Secure Endpoints and Remote Workers for the Long Haul
    This white paper delves into this new world of endpoint and remote worker protection from the perspective of the SMB. On the coming pages we discuss four essential pieces of a successful program. Focusing on these priorities will help resource-strapped businesses hone their financial and human investments where they will matter most. Brought to you […]
  • Cyber security concept. Encryption.
    Mapping the Ransomware Landscape
    Recognizing the value of data, cyber criminals are increasingly turning to ransomware as a means of monetization. They infiltrate IT systems and access data through various hacks, encrypting, locking, and exfiltrating files. Unable to access information that is critical to their businesses, hacked organizations are forced to pay for the information to be released by […]

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • IBM Leans on Partners to Bring Cloud Satellite Services to Life
  • Welcome to the 2021 MSP 501 — Apply Now!
  • IGEL Integrates Amazon WorkSpaces DaaS with Its Virtual Endpoint OS
  • Latest VMware Job Cuts Impact More Workers in California

Galleries

View all

From The Second City: How to Use Improv as a Business Tool

March 3, 2021

Industry Perspectives

View all

5 Ways XDR Can Improve Operational Efficiency for MSPs

March 4, 2021

Multi-Cloud: Strategy or Inevitable Outcome? (or both?)

March 3, 2021

Backup Vulnerability: 4 Targets Hackers Might Utilize to Infiltrate Your Backup Solution

March 2, 2021

Webinars

View all

A Partner’s Perspective on Channel Success in 2021

March 23, 2021

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021

White Papers

View all

Why Fortinet for my MSSP?

March 2, 2021

Small and Mid-Size Business Security: 4 Steps to Success

March 2, 2021

How SMBs Can Secure Endpoints and Remote Workers for the Long Haul

March 2, 2021

Upcoming Events

View all

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

Our latest #Cybersecurity Roundup highlights #CPVirtual, @Huntresslabs, @Entrust_Corp and @InsightEnt.… twitter.com/i/web/status/1…

March 5, 2021
ChannelFutures

RT @Channel_Expo: A HUGE thank you to our amazing #CPVirtual sponsors and exhibitors! 👏 @ATTBusiness @DellTech @8x8 @lumentechco @telarus @…

March 5, 2021
ChannelFutures

.@okta acquiring rival @auth0 in $6.5 billion all-stock transaction. #security dlvr.it/Rtzwdp https://t.co/4LvHCJuwsR

March 4, 2021
ChannelFutures

.@MicrosoftTeams features are coming to @MSFTDynamics365, the company announced at @MS_Ignite. #MicrosoftIgnite… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

.@PreciselyData acquired by Clearlake Capital, @TAAssociates. #digitaltransformation dlvr.it/RtzbKg https://t.co/1rNYnTScxq

March 4, 2021
ChannelFutures

Thanks for attending #CPVirtual. Here's a Day 3 wrap and a look ahead to #CPExpo Homecoming in November!… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

.@Veeam announces six annual Impact Partner Awards, with @SHI_Intl, @LogicalisUS, more. #cloud… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

#XDR can improve operational efficiency for #MSPs. @TrendMicro #security #endpoint #AI #threatintelligence… twitter.com/i/web/status/1…

March 4, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X