dcsimg

Top Barriers to Effective Vulnerability Risk Management

  • Top Barriers to Effective Vulnerability Risk Management-

    Barrier #8 – Expanding Attack Surface

    The rise of cloud services, mobile applications, BYOD and the Internet of Things further complicates an organization's ability to protect itself and expands its attack surface – the collection of areas vulnerable to compromise by attackers. Most organizations also do not address third-party security, leaving an organization at higher risk when it shares access to systems and applications with parties outside of the organization.

    The security of today's organizations relies on their ability to identify vulnerabilities in everything that is connected to their networks and applications.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12

Top Barriers to Effective Vulnerability Risk Management

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12
  • Top Barriers to Effective Vulnerability Risk Management-10

    Barrier #8 – Expanding Attack Surface

    The rise of cloud services, mobile applications, BYOD and the Internet of Things further complicates an organization's ability to protect itself and expands its attack surface – the collection of areas vulnerable to compromise by attackers. Most organizations also do not address third-party security, leaving an organization at higher risk when it shares access to systems and applications with parties outside of the organization.

    The security of today's organizations relies on their ability to identify vulnerabilities in everything that is connected to their networks and applications.

When it comes to the effectiveness of traditional vulnerability risk management programs, the challenges are often rooted in the process itself. Simply put, there are many manual steps (and often missteps) – from vulnerability scanning and detection to verification, impact analysis, and remediation – all of which can consume up to 40 percent of the IT organization's resources.

Given the labor-intensive list of to dos, many IT organizations use vulnerability management tools merely as a means to help document system compliance with industry or government regulations. Vulnerability management has become a "one-and-done" task, contributing to a less than effective outcome, as new technologies – and threats – are constantly being introduced into the environment.

NopSec CTO Michelangelo Sidagni explores how the manual aspects of vulnerability risk management cause broader challenges that can overwhelm IT departments and cripple their remediation efforts.