{"id":68674,"date":"2017-06-08T17:44:49","date_gmt":"2017-06-09T00:44:49","guid":{"rendered":"http:\/\/blogs.microsoft.com\/microsoftsecure\/?p=68674"},"modified":"2023-05-15T23:10:29","modified_gmt":"2023-05-16T06:10:29","slug":"the-ciso-perspective-putting-lessons-from-wannacrypt-into-practice-to-avoid-future-threats","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2017\/06\/08\/the-ciso-perspective-putting-lessons-from-wannacrypt-into-practice-to-avoid-future-threats\/","title":{"rendered":"The CISO Perspective: Putting lessons from WannaCrypt into practice to avoid future threats"},"content":{"rendered":"
Last month, customers and companies around the world were impacted by the WannaCrypt ransomware attack. Even those not impacted are assessing their risk and taking steps to help prevent such attacks. For everyone, including Microsoft, the attack is a stark reminder of the need for continued focus on security and proven operational techniques. So, after many conversations with my peers in the industry about the attacks in recent weeks and the steps we are each taking to better protect our environments, I wanted to share the common themes that have emerged. I\u2019ve included best practices, technologies and links to more information.<\/p>\n
This list is by no means exhaustive, but I hope it is a helpful starting point for those looking for more guidance on how to help protect their environments from present and future threats:<\/p>\n
Keeping systems up to date is critical so I want to share a few more thoughts about how we approach it as part of our overall security posture. First, there is no one-size-fits-all strategy. A comprehensive approach to operational security \u2013 with layers of offense and defense \u2013 is critical because attackers will go after every chink in your armor they can find. That said, updating can be difficult in complex environments, and admittedly no environment is 100% secure, but keeping your software up to date is still the number one way to stay secure in a world of motivated attackers and constantly evolving threats.<\/p>\n
In terms of how we approach patching and updating at Microsoft, I’m fortunate to have passionate teams working around the clock to limit the impact of infections and update vulnerable systems as quickly as possible. I also know that the Windows team works hard to ensure that they consistently deliver high quality updates that can be trusted by hundreds of millions of users. They conduct thousands of manual and automated tests that cover the core Windows functionality, the most popular and critical applications used by our customers, and the APIs used by our broad ecosystem of Windows apps and developers. The team also reasons over the data, problem and usage reports received from hundreds of millions of devices and triages that real world usage information to proactively understand and fix application compatibility issues as quickly as possible. With all of this context in mind, I want to acknowledge that even more work is needed to make updates easier to deploy and we have teams across the company hard at work improving the experience.<\/p>\n
Whether you are a vendor like Microsoft or one of the billions of businesses who count on IT to function, security is a journey, not a destination. That means constant vigilance is required. I hope you find this information helpful on your own journey and as you assess you readiness in light of recent attacks.<\/p>\n
You can read more about the WannaCrypt attack in the MSRC Blog<\/a>, as well as Microsoft President Brad Smith’s perspective<\/a> on the need for collaboration across industry, government and customers to improve cybersecurity. Visit our Get Secure, Stay Secure<\/a>\u00a0page regularly for additional guidance, including new insights on ransomware prevention in Windows 10<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":" Last month, customers and companies around the world were impacted by the WannaCrypt ransomware attack. Even those not impacted are assessing their risk and taking steps to help prevent such attacks. For everyone, including Microsoft, the attack is a stark reminder of the need for continued focus on security and proven operational techniques. So, after […]<\/p>\n","protected":false},"author":61,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"content-type":[3661],"topic":[3673],"products":[3690],"threat-intelligence":[],"tags":[3802],"coauthors":[2133],"class_list":["post-68674","post","type-post","status-publish","format-standard","hentry","content-type-industry-trends","topic-identity-and-access-management","products-microsoft-defender","tag-ransomware"],"yoast_head":"\n