The reality of just being able to know what's in the environment is to know where organisations are vulnerable so they can then take the right approaches to addressing it.
A frustrating factor with WannaCry is that it leveraged a known vulnerability, one that had been disclosed for over a month. The patch had already been available for Microsoft MS17-010; so when it hit, everyone was really surprised that so many systems could be affected.
The reality that we face is that organisations aren't patching these critical, easily exploitable vulnerabilities.
This whitepaper will:
- Define the term in security context;
- Discuss lessons learned from WannaCry and NotPetya;
- Share concerns about the threat of IT impacting OT with catastrophic results.