EY buys cyber-attack specialist to help protect its Asia-Pacific clients
Move comes in the wake of the recent ‘WannaCry’ attack which affected 200,000 computers in 30,000 organisations across 120 countries
Ernst and Young (EY) has acquired the Australian internet security specialist firm Open Windows, to create a centralised advisory platform for its clients in Asia-Pacific to help them be better protected against cyber attack.
The move, for an undisclosed amount, comes in the wake of the recent “WannaCry” attack, which Paul Clark, managing partner of EY’s advisory business in the region, said underlined the importance his firm now puts on providing more comprehensive cyber security support for its clients.
More than 200,000 computers in 30,000 organisations across 120 countries around the world were affected the WannaCry ransomware last month, including hospitals, shopping malls and railway stations on the mainland. Britain’s National Health Service was one of the worst affected.
One of the world’s so-called “Big Four” accounting and advisory firms, EY said 45 identity and access management staff at Open Windows will now be dedicated to helping its clients in the region protect against, or react to, any such attack.
In Hong Kong, companies were attacked 48 times by WannaCry from seven countries up until last Friday, according to Network Box Corp, an internationally managed security services provider that protects 1,700 key Hong Kong organisations from cyber attack.
Clark said cyber security, digital technology and analytic advisory services are now EY’s fastest growing business areas, and represent at least 40 per cent of the firm’s income.
He said EY has numerous clients that have become increasingly concerned about the issue.
“The importance of cyber security to all companies has increased enormously in the last few years, especially with the recent incidents like WannaCry,” he said.
“That attack indicated these challenges are global. Many [internet] regulators tend to think about national orders, but now it is clearly not a topic that limits itself to national borders.
“Traditionally people understand cyber attack from a more personal perspective such as in relation to bank accounts – but now these could link into companies’ operational technology,” he added.
“Employees of any companies need to be more diligent about how they access any company’s system, for example how they think about emails or accepting emails.”