While there has already been quite a bit written comparing biological viruses to the cybermalware industry, they have largely been clickbait knee-jerk pieces that offer some but not much value to the reader. In this piece, I draw similarities between COVID-19 and WannaCry (for sake of being a well-known example). The comparisons I’ll draw won’t be all-inclusive, but rather those that point to a lesson that defenders (and victims) of either type of threat can benefit from.
The calm before the storm?
Actually, there is no calm before the storm. What there is, is a fast-paced, just-in-time world of businesses operating at breakneck speeds, with SecOps staff in short supply, with hospitals at near-full capacity, and with everything in our lives in the year 2020 built by algorithms for maximum efficiency. Black Swan events like WannaCry (and now, the Coronavirus) are never truly anticipated or prepared for. They make their way as a line-item in a risk register at best, with an assigned value, and a notion of what ‘acceptable risk’ the organisation associates with such an event.
Before a Black Swan type event hits, we also have a skewed set of priorities. We value perfect…
