Organizations Prioritize Vulnerabilities Based on Risk Assessment
Organizations Prioritize Vulnerabilities Based on Risk Assessment

Image: Andras Vas (unsplash)

A recent report by Syxsense delved into the analysis of vulnerabilities. The study revealed that a staggering 78% of the organizations observed a spike in vulnerability volume in the preceding year. Alarmingly, almost one in four of these entities endured a security breach due to neglected vulnerabilities. Over half the organizations, 51% to be precise, conveyed a moderate understanding of vulnerabilities present within their digital systems. Among these entities, there was a disclosure that 26% identified over 100 new vulnerabilities on a monthly basis.

In terms of proactive measures, a mere 35% of the surveyed organizations adopted regular vulnerability scanning. Surprisingly, only 11% took the initiative to deploy patches on the very day they were released, while 47% opted for a timeframe exceeding a week for this task. It’s noteworthy that a significant 65% of organizations ranked vulnerabilities based on their associated risk.

Some key insights from the study include:

  • A notable rise in vulnerabilities has been observed over the past year for most organizations: 38% noted an uptick of up to 25%, another 25% witnessed a surge between 26%-50%, and an astounding nearly 15% experienced a growth of 51% or more.
  • When exploring the obstacles organizations face in enhancing vulnerability management, two primary challenges emerge: 56% pointed towards budget limitations, while 46% highlighted a shortage of the requisite skills.
  • A substantial interest has been shown by organizations in honing the precision of vulnerability detection, with a dominant 79% emphasizing its importance.

For a comprehensive overview, the full report is accessible here.