CBS news uncovered an audit that showed that not only was the City of Atlanta warned that their IT department “was on life support” and that there was no formal incident response plan, but the city did not even respond to the auditor to acknowledge the issues for months. The document presented to city leaders states, “the large number of severe and critical vulnerabilities identified has existed for so long the organizations responsible have essentially become complacent and no longer take action.”

Estimates for the resulting costs of this incident show that the City has spent almost $3M on investigation, remediation, implementing new technical controls, and outsourcing cybersecurity resources and the city is asking for an additional $9.5M for recovery cost.

What does this mean to you?  While no one can prevent every attack, how certain are you that none of the most commonly exploited vulnerabilities exist in your network?:

Don’t be a sitting duck like Atlanta was.  Assess and take action to remediate!