New report from Syxsense and Cybersecurity Insider shows huge opportunities to improve vulnerability detection, visibility, and speed of patching, amidst growing volume of threats
Syxsense, a global leader in Unified Security and Endpoint Management solutions, and Cybersecurity Insiders, an online community of over 500,000 information security professionals worldwide, today released new research exploring the “2023 State of Vulnerability Management.” The research reflects the latest trends, key challenges, and solution preferences for vulnerability management across a range of technical executives, managers, and IT security practitioners from organizations of varying sizes and industries.
The research shows that managing cybersecurity vulnerabilities remains a significant challenge for most organizations. In fact, 78% of respondents report experiencing an increase in vulnerability volume over the past 12 months with almost a quarter experiencing a breach due to unaddressed vulnerabilities. Making matters worse, only half of respondents (51%) reported having a moderate level of visibility into vulnerabilities in their environments. Of that number, 26% have detected more than 100 new vulnerabilities every month.
Additionally, while continuous vulnerability scanning is employed by 35% of respondents, there remains a considerable lag in patch deployment as only 11% deploy patches the same day they become available, and 47% take more than a week. Furthermore, only 65% of organizations prioritize vulnerabilities based on risk. This lag in vulnerability management presents a huge window of risk for organizations (and opportunities for attackers) and suggests a need for more efficient vulnerability management strategies.
“Vulnerability management continues to be difficult for many organizations, especially when rapid technological advancement and ever-increasing attack surfaces outpace the ability to preempt emerging threats,” said Ashley Leonard, Founder and CEO at Syxsense. “Sadly, with only 19% of organizations having achieved a high-level maturity in their vulnerability management program, there is substantial room for industry-wide improvements. Today, too many vulnerabilities go undetected – or if detected, unpatched or not remediated in a timely manner – as organizations still grapple with limited resources or expertise to shore up their vulnerability management strategy.”
Other notable research findings include:
- Vulnerabilities on the rise – The majority of respondents are experiencing an increase in vulnerabilities over the last 12 months, with 38% seeing an increase of up to 25%, 25% seeing an increase of 26%-50%, and nearly 15% seeing an increase of 51% or more.
- Barriers to improvement – Budget constraints (56%) and skills shortages (46%) were leading challenges for organizations when it comes to improving vulnerability management.
- Solution priorities – Organizations are most interested in refining the accuracy of vulnerability detection (79%). Reporting and analytics (63%) and the cost of ownership (61%) were also top priorities.
Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!