Only a quarter of organisations have security systems in place that were able to detect the WannaCry ransomware, but out of those organisations, 50% were unable to resist the attacks, a study has found.
Ponemon Institute conducted a study involving 202 senior-level security executives to discover their knowledge and understanding of cybersecurity risks, focusing on WannaCry, Petya - which disrupted health and financial institutions - and Vault 7 in particular.
On March 7 last year, a WikiLeaks leak revealed that the CIA had engineered several variants of malware, including Year Zero, Dark Matter, Weeping Angel, and HIVE, among others.
Ponemon’s study found that out of the three, most security experts had a high level of knowledge on WannaCry and Petya, but only a low level of knowledge and perception about the risk of Vault 7 attacks.
The highest level of awareness was for the Year Zero variant, for which 30% of respondents said they had a high level of knowledge.
A third of respondents stated they do not have the necessary expertise in-house to undertake cybersecurity threats, a result of both security staffing shortages and rising costs.
And less than 50% have little faith in their enabling security technologies, a factor multiplied by people and budget challenges.
The report delves deeper into the numbers and provides practical insights from SolarWinds MSP security VP Tim Brown, who has been consulted by the White House and the United States Congress for his expertise.
It also provides answers to critical questions such as:
- What are the major factors that affect an organisation’s vulnerability to cybersecurity threats?
- How can security professionals be proactive, rather than reactive to threats?
- How can organisations best prepare themselves to tackle cybersecurity threats?