Ensuring computer operating systems are up to date is a simple but effective way a private fund firm can prevent cyberattack, according to an expert.
Computers using Windows XP and Vista were more susceptible to May’s WannaCry malware attack than those using more recent versions of the Microsoft operating system because the software-maker had stopped offering security support for the systems.
“Investing in security services and threat monitoring is a key way of protecting against cyberattack. Simple moves would have made people safe, but they didn’t happen,” Brian Hussey, vice-president of cyber threat detection and response at information security company Trustwave, told pfm.
Eventually Microsoft did issue a patch to protect the operating systems from the malware after Shadow Brokers, the group that powered WannaCry said it was going to release more tools for hackers. However, many systems had already come under siege.
Even firms using supported operating systems need to make sure they are running updates as and when they become available.
“Many people were not applying the patches to their computers which leaves them vulnerable to attack,” Hussey said.
Monitoring the technology news – which said that the malware was out there and that older operating systems should be upgraded – is an easy way for firms to stay informed of the latest cyber threats, Hussey added.
A recent Securities and Exchange Commission sweep found that most firms now have a written cybersecurity program in place, but its maintenance needs improving, as reported by pfm.