Top Barriers to Effective Vulnerability Risk Management


A Vulnerable Landscape

Cyber crime is a low-risk, high-return growth industry with an estimated annual cost to the global economy of more than $400 billion, according to The Center for Strategic and International Studies and Intel Security. While more than 7,900 IT security vulnerabilities were identified in 2014, countless others went undiscovered and remain undiscovered. Referred to as zero-day vulnerabilities for their "unknown" classification, these gaps pose potentially significant security risks to organizations and governments around the world. Heartbleed, Shellshock (or the Bash bug) and POODLE are just three examples of high-profile vulnerabilities that rocked the IT industry last year.

Whether the threat is known or unknown, cyber criminals exploit these vulnerabilities to gain unauthorized access to user accounts, devices and systems. Consider that just one unpatched server gave hackers access to 76 million customer profiles. Staying ahead of the aggressive threat landscape is a never-ending requirement for any organization.

When it comes to the effectiveness of traditional vulnerability risk management programs, the challenges are often rooted in the process itself. Simply put, there are many manual steps (and often missteps) – from vulnerability scanning and detection to verification, impact analysis, and remediation – all of which can consume up to 40 percent of the IT organization's resources.

Given the labor-intensive list of to-dos, many IT organizations use vulnerability management tools merely as a means to help document system compliance with industry or government regulations. Vulnerability management has become a "one-and-done" task, contributing to a less-than-effective outcome, as new technologies – and threats – are constantly being introduced into the environment.

NopSec CTO Michelangelo Sidagni explores how the manual aspects of vulnerability risk management cause broader challenges that can overwhelm IT departments and cripple their remediation efforts.

