Feeling Vulnerable? WannaCry?

“Proactive steps can be carried out to reduce vulnerability, aimed at negating negative business impact”

WannaCry ransomware was first reported on Friday the 12th May 2017. It quickly spread to more than 200,000 computers in over 150 countries and was headline news and continues to be topical in many discussions.

Hackers reportedly used classified information stolen from the National Security Agency to develop WannaCry ransomware that exploited a vulnerability in Microsoft Windows. The impact is huge, both economic and social, estimates are still being tabulated, but could run into the billions of dollars.

An important question raised is about the potential disruption of social and economic activities with increasing dependency on IT systems for daily operations. Irrespective whether one’s computer was infected by this ransomware or not, it is imperative to fix the identified vulnerability by applying software patches available from Microsoft. For computers that were infected, the first step was to stop any further spreading by isolating impacted computers, followed by restoration processes for the computers and data affected.

A key word that has emerged and should be highlighted is vulnerability. The attack vector in WannaCry was vulnerability in Microsoft Windows desktop computer software. Software from other providers too could be targeted for attacks if there are inherent vulnerabilities in their software or associated tools.

The question is: “How to minimize or eliminate vulnerabilities to avoid a potential attack and impact on business?”

In the case of WannaCry, the solution would have been to patch Windows software by applying updates from Microsoft before the vulnerability was exploited. Similarly, for any other software, regularly applying patches released by the providers reduces vulnerability.

But what if one had not applied the patch, the focus would be on the recovery process. Because of an increased dependency on technology, it is important to have an effective recovery process in place. Again, in the case of WannaCry, those that did not have recovery plans in place may have been forced to pay the ransom.

To minimise “vulnerability” below are 4 steps proactive steps that should be taken by every regular user of information technology:

-Deploy preventative measures: maintain software and use prevention and detection tools such as up-to-date antivirus software

-Build awareness through education and communication

-Continuity planning – for businesses, there has to be continuity planning against various risks that could impact the business – back-up procedures form a large part of this

-Monitor and check – regularly testing these proactive steps and updating risk registers is key

Depending on the criticality of the use of IT these proactive steps could be carried out in way commensurate with the risk either by internal IT organisations or by outsourced IT service management providers.

The challenge, and an important point for business leaders or business owners, is in determining the level of risk and the proactive measures that can be afforded and secondly, ensuring that those proactive and preventative measures are being undertaken as planned. Making addressing these challenges part of the overall organisation risk management process is a key step to avoiding surprises.

If you wish to find out more about how Accelerate Evolution can assist your organisation in building and managing effective cyber-defense mechanisms, please contact us on: information.technology@accelerateevolution.ae

 

Adeel Farooqui – Associate | Marketing & Positioning

Adeel is an expert Marketeer and Brand builder with more than 16 years in FMCG industry. He has worked with the world’s top companies like Procter & Gamble managing billion dollar brands like H&S, Pantene, Tide, Wella and many more.

He has also worked with emerging multinationals like Marico, creating new brands and portfolios, guiding where to play and how to win strategies across Middle East, North Africa and Pakistan. Adeel has a strong experience and knowledge of working in developed markets like Saudi, UAE, Belgium as well as low income markets like Egypt, Pakistan, Morocco.

Adeel’s portfolio of work includes managing global brands behind classical marketing campaigns as well as developing disruptive marketing models to lead challenger brands win against market leaders.

In his most recent engagement he guided Marico to a 360 plan to enter MENA white space successfully. The plan involved identifying the right markets, categories, products and brands to enter and win in the region as well as the best sourcing models and developing comprehensive blue prints for each brand in the portfolio.

Prior to this Adeel led the Haircare and Color Portfolio for P&G MENA with full volume and profit responsibility. During this assignment Adeel managed a full regional relaunch of Pantene brand as well as multiple line extensions and flankers for the rest of the portfolio. During this assignment Adeel took on a special project to improve execution of modern trade instore fundamentals and drive ROI for brand initiatives. Through deep dive analysis and correlating store wise offtakes to store executions and shopper understanding, sales and promotions budget was reduced by 20% without affecting P&G market share.

While working as the brand manager for Head&Shoulders, Middle East business, Adeel shaped the first long term digital strategy for the brand and in turn led the brand to highest ever shares in the Middle East. Under the platform of ‘H&S Freestyle’, H&S established a community for youngsters to showcase their freestyle across multiple sporting platforms like football, parkour, cycling etc. The platform remains a global pillar and best practice for H&S brand.

In his regional innovation role Adeel oversaw multiple upstream innovation projects across P&G’s laundry portfolio as well as white space launches, such as establishing a detergent plant in Pakistan. Working for the Tide brand, Adeel led a complete upgrade of the Tide Design and Equity blue print, creating a sharp positioning for the brand differentiating it from P&G other top tier brand Ariel. Adeel also successfully led the complex project of formula compaction to drive more sustainable product formula as an industry standard.

Adeel has also been a global trainer for P&G with specific focus on ‘Brand Architecture’, ‘Evaluating Marketing Communication’ and ‘P&G brand building framework’.

As a professional, he remains highly passionate about solving problems related to business and brand strategy. He believes in forming collaborative partnerships, working in teams and determining root causes to deliver break-through results which drive both business and people.

Jo Metzke – Associate | Supply Chain & Logistics

Jo has 20 years’ experience working in Supply Chain across MEA, Eastern Europe and Asia Pacific for large multi-national companies,  predominantly in FMCG, such as Coca-Cola, PepsiCo, GSK and Mondelez.

Over the years Jo held both operational and strategic roles within these companies, whilst most recently she has focused on optimizing the Supply Chain through Supply Chain Network Design whilst she was also responsible for building Middle East & Africa regional capability across the Supply Chain.

Her key skills and expertise are in:

Supply Chain Network Design optimising the manufacturing and distribution footprint to support the mid to long term strategic goals of a business

Supply Chain Best Practice Implementation focusing on Demand & Supply Planning, Transportation and Warehousing as well as Sales & Operations Planning

Inventory Optimisation through the development and deployment of effective Inventory Policies

Supply Chain Systems Implementation support, such as SAP APO from blueprint to go live

Driving productivity and identifying productivity opportunities has been a major focus throughout her supply chain career, and key achievements include delivering in excess of $20Million USD cost savings per year through the implementation of Supply Chain Best Practices and Supply Network Design.

When she is not busy helping organisations improve their supply chains, Jo runs….

She is very passionate about marathons. As of April 2017 she has run 13 marathons in the prior 4 years. Most recently she received the Abbott Six Star Medal for running all 6 World Marathon majors – Tokyo, Boston, London, Berlin, Chicago and New York.

Jo thoroughly enjoys pushing her boundaries, and she is currently in training for her 14th marathon!