Increasing Cyber Threats Warrant Faster Vulnerability Remediation
Over 8,000 vulnerabilities were published in the first quarter of 2022.1 If this rate continues to increase, organizations could see a 25 percent increase in vulnerabilities since 2021. Additionally, 10 percent of vulnerabilities have a critical score2 which raises even more concern for IT and Security teams.
Most companies take 60 days to successfully remediate a critical vulnerability, and it varies by industry. Healthcare averages 44 days to remediate known vulnerabilities, while public administration takes over 90.3 Higher Mean Time to Remediate (MTTR) means more opportunities for cyber attacks. Thus, companies need faster remediation. So, how can they speed remediation?
The remediation process involves prioritizing vulnerabilities, correlating them with available fixes, and successfully deploying the fixes. The correlation step is often manual and the most time-consuming part of the process. Automation research and correction time will speed the remediation process and reduce MTTR. While much of the effort is spent on recently published and zero-day vulnerabilities, older vulnerabilities still present a significant security threat. In 2020, 75 percent of attacks exploited vulnerabilities that were at least three years old, and 18 percent exploited vulnerabilities that were at least seven years old.4 Unpatched known vulnerabilities pose major security risks. In fact, according to Ponemon, 60 percent of breached companies said their exposure was due to unpatched known vulnerabilities where patches were not applied.5
Although CISOs and CIOs establish goals that drive down MTTR and patch known vulnerabilities, they need the right tools. With the advent of BigFix Insights for Vulnerability Remediation, organizations now have an opportunity for achieving both objectives. By leveraging the power and efficiency of BigFix companies can identify, patch, and remediate all known vulnerabilities and by doing so reduce MTTR.
BigFix Insights for Vulnerability Remediation is included with several BigFix offerings. To learn more, schedule a demonstration or visit www.BigFix.com.
[1] https://nvd.nist.gov
[2] https://www.cvedetails.com
[3] https://www.prnewswire.com/news-releases/organizations-take-an-average-of-60-days-to-patch-critical-risk-vulnerabilities-301496256.html
[4] https://www.checkpoint.com/downloads/resources/cyber-security-report-2021.pdf
[5] https://www.servicenow.com/lpayr/ponemon-vulnerability-survey.html
Start a Conversation with Us
We’re here to help you find the right solutions and support you in achieving your business goals.
