A report by cyber risk assessment company Black Kite showed that the computer systems for 20 percent of the 100 largest defense companies in the U.S. are vulnerable to ransomware attacks.
Forty-three percent of surveyed contractors still use outdated technology and 42 percent had at least one credential that has been compromised during a 90-day period, Black Kite said Tuesday.
The company used its Ransomware Susceptibility Index to measure how likely an organization will experience an attack and found that the country’s top defense contractors had an average RSI score of 0.39 with 1 being the highest. The most vulnerable organizations had a score higher than 0.6, the index’s critical threshold value.
Ninety-six percent of contractors had security measures that align with publicly available controls set forth by the Department of Defense’s Cybersecurity Maturity Model Certification program, according to the report.
“When organizations maintain a continuous view of their cyber risk posture, they are armed with detailed information to protect their most critical assets and controls,” Bob Maley, chief security officer at Black Kite.