dcsimg

Top Barriers to Effective Vulnerability Risk Management

  • Top Barriers to Effective Vulnerability Risk Management-

    Barrier #4 – Volatile Threatscape

    Organizations are trying to fend off a never-ending barrage of new attacks and vulnerabilities. As organizations introduce new technologies, the number of vulnerabilities increases and new classes of vulnerabilities are introduced, thereby creating additional complexity. Meanwhile, human vulnerabilities can occur both outside (cyber criminals) and inside (employees) the organization.

    However, most organizations do not even use the patching and configuration tools available to help prevent security breaches. New technologies and risks are proliferating, but security efforts are not keeping up.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12

Top Barriers to Effective Vulnerability Risk Management

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12
  • Top Barriers to Effective Vulnerability Risk Management-6

    Barrier #4 – Volatile Threatscape

    Organizations are trying to fend off a never-ending barrage of new attacks and vulnerabilities. As organizations introduce new technologies, the number of vulnerabilities increases and new classes of vulnerabilities are introduced, thereby creating additional complexity. Meanwhile, human vulnerabilities can occur both outside (cyber criminals) and inside (employees) the organization.

    However, most organizations do not even use the patching and configuration tools available to help prevent security breaches. New technologies and risks are proliferating, but security efforts are not keeping up.

When it comes to the effectiveness of traditional vulnerability risk management programs, the challenges are often rooted in the process itself. Simply put, there are many manual steps (and often missteps) – from vulnerability scanning and detection to verification, impact analysis, and remediation – all of which can consume up to 40 percent of the IT organization's resources.

Given the labor-intensive list of to dos, many IT organizations use vulnerability management tools merely as a means to help document system compliance with industry or government regulations. Vulnerability management has become a "one-and-done" task, contributing to a less than effective outcome, as new technologies – and threats – are constantly being introduced into the environment.

NopSec CTO Michelangelo Sidagni explores how the manual aspects of vulnerability risk management cause broader challenges that can overwhelm IT departments and cripple their remediation efforts.