The Heartbleed survey results are in – and the good news is that the vast majority SolarWinds Thwack Users are in the know and on top of it (of course, this comes as no surprise!).

 

Here are the results

 

 

  • Of those 61 respondents surveyed – only 6.6% were not sure if they were effected by the Heartbleed vulnerability and 100% were aware of the vulnerability.

  • When asked if the organization had a clear action plan to address Heartbleed – a whopping 81% were not vulnerable or had fully addressed the vulnerability.  Only 5% were still trying to identify steps or didn’t know what to do.

 

 

 

  • The cleanup of Heartbleed has made an impact on IT, but there is confidence in fast remediation for the most part.  Almost half of respondents said it only took hours to address.  30% said days, 11% said weeks and 10% were not sure.

 

 

 

 

 

  • When asked about overall effort/cost of tasks associated with the cleanup, the largest cited effort was following up with vendors to determine if products were effected. In second place – replacing digital certificates was cited and addressing customer concerns about the privacy of data was in third.  Surprisingly, addressing internal concerns about the vulnerability was ranked last, which is either a promising indicator of fast and clear communication as part of the incident response process or a lack of security awareness.

 

 

 

  • And finally, in terms of cleanup effort – the answers were pretty even across operating systems, websites and third party applications.

 

So, to sum up, its great to see that in spite of all the hype, while it may have been painful, it wasn't devastating to most.  We put a lot of effort into providing a fast vendor response on our end, and we hope that made it a bit easier for our beloved IT pros out there.