By Dan Mannion
Anyone who hadn’t heard of ransomware prior to May 12 is certainly aware of it now. WannaCry, a variant that burst onto the global scene targeting computers running Microsoft Windows, reportedly netted less than $80,000 in Bitcoin even though the attack was massive, impacting more than 230,000 computers in 124 countries.
For those of us in the technology industry, incidents such as this make the problems we see every day very real for the mass populous. And they’re looking to us for answers.
It’s important, however, to understand the best way to approach potential customers and prospects without positioning yourself as an alarmist looking to make a buck. To wit: A simple Google search for “WannaCry ransomware” brings up 2.1 million pages of content. In just three weeks, Google found more than 2 million references to WannaCry on news and commercial sites. In fact, the entire first page of Google results consists of paid ads from security companies.
To cut through that noise, educate your team, have a plan (more on that below) and start talking to customers now to grasp exactly where they stand in terms of existing IT infrastructure and security posture. Most importantly, figure out how to be a benefit and not a salesperson.
On a technical level, WannaCry is a great object lesson for basic security hygiene. It was a rather unsophisticated attack. And, everyone on the planet should have been protected from the malware, because Microsoft released a patch for that specific vulnerability in March 2017. Customers whose IT teams or MSPs were equipped with the time, mandate and resources to deploy relevant patches as they are released were unscathed. I was frankly surprised at the global scale and speed at which WannaCry could proliferate and just how many IT teams are behind on server patching. Given that, partners and their security suppliers must be ready for the next wave.
Fortunately, our marketing and security operations teams had plans in place for these scenarios, and by the end of the first day of WannaCry, they executed a terrific strategy to help us rise above the noise to be a true resource for customers.
Below is the game plan we executed. Hopefully it can help you be ready for the next security emergency.
Whether you’re talking with the market, analysts, customers or prospects, you need to be committed to giving your best effort to deliver the clearest, most relevant content on a very intimidating topic.
The bad news is this will most likely happen again — and it could be even bigger. Please take time to build a plan with your teams on how to communicate what you’re seeing, what you’re doing and what they can do to stay safe.
And feedback is a gift, so we appreciate your comments on this blog, or any other information we share. We should all strive to learn from WannaCry to pursue constant improvement.
Dan Mannion is vice president, partners & alliances at Armor, the First Totally Secure Cloud Company that keeps sensitive, regulated data safe and compliant in the cloud. For more information, visit www.armor.com.