THE BLOG

How Can Ransomware Attacks Like WannaCry Be Prevented?

17/05/2017 17:35 BST | Updated 17/05/2017 17:35 BST

The short answer is: we can't. In that regard, the world of cyber terrorism is no different to that of its conventional counterpart - the one, painfully inevitable fact is that each attack will not be the last.

At the core of this problem is the speed at which cyber threats continue to evolve. Increasingly sophisticated tools have become ever more cheaply and readily available, both to sophisticated criminal organisations and to 400-pound hackers sitting on their beds (sic), allowing cybercriminals to iterate rapidly and devise increasingly innovative ways to launch their attacks.

As this threat evolves, organisations need to fight fire with fire, or more accurately, to fight innovation with innovation, moving nimbly and swiftly to come up with creative solutions to defend against these attacks. Much of the onus here is typically placed on governments, followed closely by large corporates but, commendable though many of these are, 'nimble' and 'swift' are two adjectives rarely ascribed to these two types of organisations.

Instead, it is startups that tend to be best equipped to move quickly enough to respond in kind to these threats, and indeed to preempt them. By nature, startups are freed from the shackles of lengthy sign-off processes and management chain approvals and are therefore able to innovate just as nimbly as 'hackers' do themselves.

In the two years since launching CyLon, Europe's first cyber security accelerator, we've welcomed almost 40 such startups who between them have built a veritable arsenal of impressive cyber security solutions, ranging from anti-phishing training to mobile biometrics, bulk data synthesis and innovative email security. In our experience, the genesis of these technologies is not the problem; instead, it's the willingness of large organisations to embrace them, questioning why they should trust such young, unproven companies.

Large organisations set an extremely high bar when it comes to cyber security - the last thing they want to do is take risks on new solutions when it comes to protecting their most valuable data assets. No organisation is more infamous for this amongst the startup ecosystem than the NHS itself.

This is not said by way of criticism, but rather to acknowledge the challenge inherent within security innovation. Companies and governments can't afford to expose their digital security set-up, but must somehow find a way to embrace new innovations or the hackers will, inevitably, find a way through.

Often, once startups have found a way to battle through the multiple layers of procurement teams, their technology speak for itself, with notable successful examples including RipJar - a data intelligence startup now boasting clients across the public and private sectors - and CheckRecipient, a young company solving the problem of misaddressed email for numerous leading professional services firms.

In other words, they've built technologies which - despite and perhaps because of their relative youth - are already proving they can play a central, front-line role in keeping us safer. As the cyber threat continues to grow, so does the need to find a way to embrace these new technologies.