Key Findings

  • 20% of the top 100 defense contractors are highly susceptible to a ransomware attack
  • 42% of defense contractors have had at least one leaked credential within the last 90 days
  • Defense contractors are 96% compliant with publicly available CMMC controls
  • Patch management is the most common vulnerability, with 43% of contractors rated as an “F” or “Poor”