More than two-thirds of security professionals are not confident their organizations have made necessary security improvements since the
WannaCry and
Petya attacks earlier this year, according to new research from
Tripwire.
The firm’s survey found that, despite the severity and damage caused by the cyber-attacks just a few months ago, there are doubts about whether companies have reacted appropriately to improve their cyber-defenses, with Tripwire suggesting this lack of confidence could be a result of organizations failing to implement critical security controls.
Nearly a third of respondents felt that the biggest problem a business faces is establishing what devices are on its network, whilst worries about vulnerability management (14%), administrative privileged issues (6%) and audit log attention (6%) also cropped up as areas of concern.
However, 40% believed that there was not a singular cause of security problems and that businesses were failing at all of the above.
Tim Erlin, vice-president at Tripwire, said that no matter how big or small an organization is, it has to have a serious attitude towards security.
“If you were lucky enough not to have been effected by WannaCry or Petya take it as a sign. Remember, you don’t have nine lives. All it takes is one data breach or another WannaCry and your company has lost data, money, credibility and most importantly, customer trust, which is one of the most difficult things to recover.
