Cyber security

How the cyber security landscape has changed since the WannaCry ransomware attack

Seven years post-WannaCry, the UK's NCSC bolsters cyber defences, yet evolving technologies and threats demand continuous innovation and skilled professionals.

Oops, your files have been encrypted."

This was the message that greeted thousands of NHS employees as they logged on to their computers in May 2017. Their PCs had fallen victim to a ransomware called WannaCry, a cyber attack that involves a ransom demand to unlock a victim’s files.

In this case no ransom was paid but the incident reportedly cost the NHS around £92 million in lost output and missed appointments.  

It also highlighted the vulnerabilities in our state cyber security infrastructure. So, what lessons have been learned nearly seven years on from the attack? 

Tackling the threat of cyber attacks

The WannaCry attack was a huge wake-up call to the growing threat posed by ransomware and cyber attacks. There had been others, but the global scale and disruptive impact of WannaCry sparked a rethink of state cyber security strategies across the world.

The UK government set up the National Cyber Security Centre (NCSC) in 2016 with the goal of "Helping to make the UK the safest place to live and work online."

It implements security measures like robust encryption protocols and intrusion detection systems to stop cyber attacks before they break through defences, and promotes a culture of cyber security awareness and preparedness, emphasising the importance of regular system updates, secure password practices, and employee training to minimise vulnerabilities.

Initiatives like the NCSC’s Cyber Aware campaign play a key role in raising public awareness about cyber security risks and promoting proactive cyber hygiene practices. By educating the public on the dangers of phishing scams, malware infections, and data breaches, the NCSC aims to create a resilient cyber ecosystem where everyone is prepared to defend against cyber threats. 

The need for a skilled cyber workforce

The cyber security landscape continues to evolve rapidly alongside emerging technologies like artificial intelligence, cloud computing, and the Internet of Things (IoT).

So a skilled cyber workforce is crucial for defending against evolving threats and driving innovation in cyber defence technologies. In fact, demand for cyber security professionals is at an all time high, with more than 3.3 million job postings between 2021 and 2023.

Responsibilities of a cyber professional can include things like managing and protecting databases and identifying system weaknesses, or even investigating cyber security breaches. A blend of ongoing maintenance and reactive work means no two days are likely the same.

Penetration testing is sometimes part of the role. This involves looking for a specific vulnerability in a target environment. It's sometimes referred to as 'ethical hacking', but there are actually some key differences which you can read about in our article Ethical Hacking Vs Penetration Testing.

Key attributes of a cyber security professional include an ethical mindset, patience and a meticulous eye for detail, as well as good time management skills. You might not yet have the technical know-how, but our article on transferable skills for cyber security might help you figure out if it's for you. 

Once you have more experience, growth opportunities might include looking after a team of experts or working on high-risk projects for bigger, corporate clients.

If you think you have the right attributes for a career in cyber security, you could explore this further by talking to one of our Career Consultants. Or you can check out our cyber security career pathways and certifications, as well as related career options.

Don’t just take our word for it...

View all Trustpilot reviews