SEC highlights lack of pen testing in latest cyber-alert

Sources say the WannaCry attacks left some firms “scrambling to install patches”