Top Barriers to Effective Vulnerability Risk Management

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12
Next Top Barriers to Effective Vulnerability Risk Management-2 Next

A Vulnerable Landscape

Cyber crime is a low-risk, high-return growth industry with an estimated annual cost to the global economy of more than $400 billion, according to The Center for Strategic and International Studies and Intel Security. While more than 7,900 IT security vulnerabilities were identified in 2014, countless other vulnerabilities went undiscovered and continue to do so. Referred to as zero-day vulnerabilities for their "unknown" classification, these gaps pose potentially significant security risks to organizations and governments around the world. Heartbleed, Shellshock (or the Bash bug) and POODLE are just three examples of high-profile vulnerabilities that rocked the IT industry last year.

Whether the threat is known or unknown, cyber criminals exploit these vulnerabilities to gain unauthorized access to user accounts, devices and systems. Consider that just one unpatched server gave hackers access to 76 million customer profiles. Staying ahead of the aggressive threat landscape is a never-ending requirement for any organization.

When it comes to the effectiveness of traditional vulnerability risk management programs, the challenges are often rooted in the process itself. Simply put, there are many manual steps (and often missteps) – from vulnerability scanning and detection to verification, impact analysis, and remediation – all of which can consume up to 40 percent of the IT organization's resources.

Given the labor-intensive list of to dos, many IT organizations use vulnerability management tools merely as a means to help document system compliance with industry or government regulations. Vulnerability management has become a "one-and-done" task, contributing to a less than effective outcome, as new technologies – and threats – are constantly being introduced into the environment.

NopSec CTO Michelangelo Sidagni explores how the manual aspects of vulnerability risk management cause broader challenges that can overwhelm IT departments and cripple their remediation efforts.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

IT security careers The Most In-Demand Security Jobs and How to Get Them

Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.