Top Barriers to Effective Vulnerability Risk Management

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12
Next Top Barriers to Effective Vulnerability Risk Management-2 Next

A Vulnerable Landscape

Cyber crime is a low-risk, high-return growth industry with an estimated annual cost to the global economy of more than $400 billion, according to The Center for Strategic and International Studies and Intel Security. While more than 7,900 IT security vulnerabilities were identified in 2014, countless other vulnerabilities went undiscovered and continue to do so. Referred to as zero-day vulnerabilities for their "unknown" classification, these gaps pose potentially significant security risks to organizations and governments around the world. Heartbleed, Shellshock (or the Bash bug) and POODLE are just three examples of high-profile vulnerabilities that rocked the IT industry last year.

Whether the threat is known or unknown, cyber criminals exploit these vulnerabilities to gain unauthorized access to user accounts, devices and systems. Consider that just one unpatched server gave hackers access to 76 million customer profiles. Staying ahead of the aggressive threat landscape is a never-ending requirement for any organization.

When it comes to the effectiveness of traditional vulnerability risk management programs, the challenges are often rooted in the process itself. Simply put, there are many manual steps (and often missteps) – from vulnerability scanning and detection to verification, impact analysis, and remediation – all of which can consume up to 40 percent of the IT organization's resources.

Given the labor-intensive list of to dos, many IT organizations use vulnerability management tools merely as a means to help document system compliance with industry or government regulations. Vulnerability management has become a "one-and-done" task, contributing to a less than effective outcome, as new technologies – and threats – are constantly being introduced into the environment.

NopSec CTO Michelangelo Sidagni explores how the manual aspects of vulnerability risk management cause broader challenges that can overwhelm IT departments and cripple their remediation efforts.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

PAM PAM Solutions: Critical to Securing Privileged Access

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ...  More >>

Fake news How Can We Fix the Fake News Problem?

Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ...  More >>

blockchain The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ...  More >>

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.