DO MOST VULNERABILITIES POSE LITTLE TO No DRUGER OF BEING EXPLOITED?

Author:Abound, Jeff
Position:FRONTIER HORIZONS - Cybersecurity

"In our ongoing mission to apply the tenets of data science to cybersecurity, we have begun to benchmark the realities of vulnerability remediation strategies. We've found that remediating the riskiest vulnerabilities is within reach for many organizations," says Ed Bellis, CTO at Kenna Security. "Despite recent high-profile data breaches, our findings show that enterprises can and should delay efforts to remediate a majority of vulnerabilities, which often number in the millions. Most vulnerabilities pose little to no danger of being exploited. That means companies can prioritize their resources to tackle the five percent of threats that pose the greatest risk."

Kenna Security has released the second volume of its ongoing analysis into the vulnerability landscape. The report, "Prioritization to Prediction: Getting Real About Remediation," found that companies today appear to have the resources needed to address all of their high-risk vulnerabilities. The research demonstrates that firms are getting smarter in how they protect themselves from today's cyber threats, improving operational efficiency and resource allocation, while best managing risk. In fact, the majority of vulnerabilities are never weaponized or exploited in a cyberattack.

Cybersecurity researchers from Kenna Security and Cyentia Institute analyzed 3,000,000,000 vulnerabilities managed across more than 500 organizations and 55 sources of external intelligence. They then took a deep dive into the realities of remediation using anonymized data from a sample of 12 enterprises that were...

To continue reading

FREE SIGN UP