Comments by: Jonathan Knudsen, Senior Security Strategist, Synopsys Software Integrity Group
As details about the single largest ransomware attack continue to emerge, questions will be asked. Will the ransom be paid? Can organisations recover their data? What kind of damage will this cause?
The only question that matters is: how can a problem like this be prevented?
The reason ransomware is so successful is that so few organisations are properly prepared. Organisations often focus solely on functionality when selecting, deploying, and operating software. They work hard to make software do what they want it to do, but security and robustness are often neglected or ignored.
To prevent accidental or malicious disruptions, organisations must adopt a proactive, security-first approach to software. Where is your data? How is it protected? If something bad happens, like a ransomware attack or a tsunami, how will you recover?
Software is a powerful tool for organisations of all kinds, but it must be selected, deployed, operated, and maintained inside a framework of security and resilience.