Key report takeaways:
- Fortune 500 organizations reviewed expose from 500 to 2500 systems/devices or more to public attack
- The average Fortune 500 organization exposes 5-10 telnet or Windows file-sharing services, despite their known vulnerabilities
- Of the appraised Fortune 500 organizations, 330 have week or non-existent anti-phishing defenses
- The Fortune 500 companies examined exposed which cloud providers they were using, allowing for directed attacks
- All industry sectors of the Fortune 500 showed malware compromises, some with daily compromises including resource theft and ransomeware
Impacts to the Heuristic Security model:
Just reaffirms the need to focus on ensuring basic controls and cyber-hygiene first and foremost.