If you haven’t heard about the global WannaCry cyberattack, which happened in May this year, you’ve probably been sitting in a dark room.

A cyberattack on an unprecedented scale, WannaCry infected computers in 150 countries, including the NHS network in the UK.

Following an investigation into the WannaCry attack and the NHS, Amyas Morse, Head of the National Audit Office, said: “It [WannaCry] was a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice… The Department and the NHS need to get their act together to ensure the NHS is better protected against future attacks.”

10 key lessons

Based on our understanding, we’ve compiled what we believe are the 10 key lessons that not just the NHS, but any organisation, can take from this catastrophic attack.

When you consider these lessons as golden rules, it’s almost beyond belief that the NHS broke each and every one:

#1 Follow all cybersecurity recommendations.

#2 Be sure to pass all internal/external cybersecurity standards.

#3 Update software as often as prompted.

#4 Establish and maintain a formal mechanism for assessing compliance with advice and guidance.

#5 Effectively manage computer firewalls.

#6 Upgrade old computer systems.

#7 Keep up with cybersecurity improvements.

#8 Plan and be prepared for a cyberattack.

#9 Run a simulated cyberattack.

#10 Maintain an absolute focus on cybersecurity.

Above all, every single member of your team must be focused on cybersecurity. Regardless of the size of your organisation, you’re a potential target.

If you don’t have in-house cybersecurity expertise, we offer a free consultation to get you started. Please call us on 02920 003 313 (Cardiff) or 0121 270 3377 (West Midlands) to find out more.