Leadership in Cybersecurity

Leadership Case Study

Abstract

This case study delves into the role of leadership in cybersecurity. It seeks to unravel the connection and between proper information security measures and leadership. As part of the discussion, the study focusses on the 2017 ransomware attack that crippled most government amenities over a one-week period. Ransomware poses a threat to institutions all around the world, but the risks to enterprises are much greater—and potentially catastrophic. Much of what business counsel and executives need to know about contemporary ransomware threats like WannaCry is covered in this study. It is divided into several sections. Part I gives a quick overview of ransomware, including its definition and history. The history of institutions as ransomware targets is examined in Part II. We provide a synopsis of the connection between leadership and the Ransomware virus in Part III, including what is revealed about the key leadership constraints circumventing cybersecurity, method of operation, and those that are thought to have spread the virus; we also explore leadership ways to guard against it.

Leadership Case Study

Introduction

Cyber-threats are a major concern. Electrical outages, failure of military hardware, and leaks of national security information are all possible outcomes of cyber strikes. They can lead to the loss of valuable and sensitive information, such as medical records. They have the ability to interrupt phone and computer networks, as well as paralyze systems, rendering data inaccessible. It is not an overstatement to say that data breaches may have an impact on how we live our lives. Threats are also becoming more dangerous. "Cybersecurity threats infiltrate every organization and aren't often under IT's direct control," according to Gartner. Business executives are pushing forward with their digital economy efforts, and they are making tech risk decisions on a daily basis. Large - scale cyber risk is real, but data security solutions are as well."

History of the Public Safety Event

The WannaCry1ransomware assault was a worldwide cyberattack that began on May 12, 2017, and had an unparalleled scope, affecting over 200,000 machines in over 150 countries in a matter of hours. Transnational crime syndicates "are altering their business strategies by utilizing so-called 'ransomware' to seize control of computer networks and then demanding payment in exchange for restoration," according to the report ("WannaCry ransomware attack," 2017). The WannaCry virus functions by encrypting a victim's data and demanding payment of a ransom in exchange for data recovery. It exploited a vulnerability within Microsoft Windows that had been initially developed by the US National Security Agency. According to security experts, a group of hackers linked to North Korea—who have also been linked to cyberattacks against the United States—has been identified.

Leadership issues that resulted to the attack

The WannaCry ransomware assault hit NHS organizations all around England. There are 34 trusts that have been compromised by the WannaCry ransomware, and 46 trusts that have not been compromised but have experienced disruption. 29 of the 34 trusts affected were in the NHS regions of the North as well as the Midlands and East. More organizations were affected in these regions, according to NHS England, because they were targeted early on May 12th, before the Ransomware kill-switch was enabled. A select number of NHS institutions were hacked while quite a number remained operational. Notably, the hacked hospitals had leadership compromises that resulted to the catastrophe.

System failure due to a lack of patching and updating, as well as reliance on outdated software

While it is impossible to eradicate all cyber risks, competent cyber-security can help organizations avoid harm. Having up-to-date defenses and anti-virus software, as well as applying patches (updates) on a regular basis, are examples of such practices. According to NHS England, WannaCry affected various sectors of the NHS mostly as a result of organizations' failure to maintain adequate cyber-security procedures. According to NHS Digital, all of the infected trusts have a common weakness in their Versions of windows that the WannaCry attack exploited (Allio, 2018). WannaCry attacked NHS organizations used unpatched or unsupported Windows operating systems. Regardless of whether organizations patched their networks or not, taking steps to maintain their internet-facing firewalls would have protected them from infection. The bulk of affected NHS devices were running on the approved Windows platform and were unpatched. Trusts running Windows 7 might have been protected from WannaCry by installing a Microsoft patch (or update) published in March 2017, and NHS England had issued CareCERT advisories on 17 March until 28 April urging trusts to do so. 3 As per the Ministry of Health (the State), the Window operating system is used on more than 90 percentage of total NHS equipment.