Lack of security resources is not exclusive to the NHS, study shows

The NHS could have avoided WannaCry with more resources - but many IT leaders are suffering from the same problem

The National Audit Office recently concluded that the NHS could have avoided WannaCry by applying patches and better managing its cybersecurity. A survey by IT MSP CORETX has shown that the same is true amongst many IT leaders in the UK, who have the technology but lack the resources to operate it.

72 per cent of IT decision makers in mid-sized companies said that they have a Security and Information Event Management (SIEM) solution; and cyber defences are regularly refreshed.

However, only four per cent of respondents had staff committed to monitoring and reporting on the security information created by a SIEM or other source; and fewer than 20 per cent said that they monitor all IT logs that might contain security information.

Only 13 per cent of respondents said that they are sending security information to ‘someone able to deal with it'; but just six per cent had staff dedicated to acting on security reports.

Day-to-day security management is increasingly falling to generalist IT employees, rather than specialists. Merlin Gillespie, group strategy director at CORETX, said, "Analysing live data feeds to identify cyber-attacks is something general IT staff are unlikely to be appropriately skilled for. It's also a relentless task. There's a lot of data to analyse and cyber-criminals don't respect 09:00 - 17:30 working patterns. Non-specialists may struggle to be consistently effective at the level required, which seems to be born out in our survey results."

He continued: "Of the organisations we surveyed, 75 per cent have recently fallen victim to a cyber-attack, with 40 per cent occurring in the last year. It's clear that many organisations' security practices leave very large gaps in their protection. In our view, creating actionable intelligence on the threats organisations faces can only be handled by a dedicated team."