Enterprise cyber security remediation strategies ‘as effective as chance’
Most common approaches to prioritising and fixing vulnerabilities are roughly as effective as, or far less effective than, addressing vulnerabilities at random.
This is according to a new study by Kenna Security and the Cyentia Institute.
Researchers compared 15 different remediation strategies against a baseline of fixing vulnerabilities at random, using that baseline as the point of reference for how effective each strategy is. More than half of the strategies were found to be no more effective than chance.
The report, ‘Prioritization to Prediction: Analyzing Vulnerability Remediation Strategies’, includes new insights into vulnerability lifecycles, the key factors that influence the prevention of vulnerabilities, and the effectiveness of various vulnerability strategies used to prioritise enterprise cyber security efforts.
According to the study, the volume and velocity of vulnerabilities are rapidly increasing. The researchers found that in 2017, businesses had to decide how to address an average of 40 new vulnerabilities every day, including weekends. Last year saw the highest number of new entries in the database on record, more than double the entries added in 2016. They explained that 2018 is on track to either match or exceed last year's figures.
Speed must be a priority, say the report authors. The greatest number of exploits are published in the first months after a vulnerability is disclosed, and 50 per cent of exploits are published within two weeks of a new vulnerability. They said this means businesses realistically only have ten working days to find and fix the riskiest vulnerabilities.
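The comparison the researchers describe, a remediation rule measured against the random baseline, can be reproduced on a small constructed dataset. The example below is added here and is not code from the report or from Kenna Security; the vulnerability list, the "fix everything scored 7.0 or higher" rule, and the two metrics (coverage: share of exploited vulnerabilities that got fixed; efficiency: share of fixes that landed on an exploited vulnerability) are assumptions for illustration, and the random baseline is scored by its expected value rather than by sampling.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List

@dataclass(frozen=True)
class Vuln:
    cve: str        # constructed placeholder id, not a real CVE
    cvss: float     # constructed base score, 0.0 - 10.0
    exploited: bool # constructed ground truth: an exploit was later published

# Constructed sample: ten findings, four of which were later exploited.
# Note that exploitation is not confined to the highest scores (assumption).
SAMPLE: List[Vuln] = [
    Vuln("CVE-0000-00001", 9.8, True),  Vuln("CVE-0000-00002", 9.1, False),
    Vuln("CVE-0000-00003", 8.6, False), Vuln("CVE-0000-00004", 7.5, True),
    Vuln("CVE-0000-00005", 7.2, False), Vuln("CVE-0000-00006", 6.8, True),
    Vuln("CVE-0000-00007", 6.1, False), Vuln("CVE-0000-00008", 5.3, True),
    Vuln("CVE-0000-00009", 4.0, False), Vuln("CVE-0000-00010", 3.1, False),
]

def score(vulns: List[Vuln], select: Callable[[Vuln], bool]) -> Dict[str, float]:
    """Apply a remediation rule and report effort, coverage and efficiency."""
    fixed = [v for v in vulns if select(v)]
    exploited = [v for v in vulns if v.exploited]
    hits = sum(1 for v in fixed if v.exploited)
    return {
        "effort": len(fixed),                                  # patches applied
        "coverage": hits / len(exploited) if exploited else 0, # exploited & fixed
        "efficiency": hits / len(fixed) if fixed else 0,       # fixed & exploited
    }

def random_baseline(vulns: List[Vuln], effort: int) -> Dict[str, float]:
    """Expected result of fixing `effort` vulnerabilities chosen uniformly at random:
    coverage equals the fraction of the backlog fixed, efficiency equals the
    base rate of exploitation. No sampling, so the comparison is deterministic."""
    n = len(vulns)
    base_rate = sum(1 for v in vulns if v.exploited) / n
    return {"effort": effort, "coverage": effort / n, "efficiency": base_rate}

def compare_cvss_rule(vulns: List[Vuln], threshold: float) -> Dict[str, Dict[str, float]]:
    """'Fix everything with CVSS >= threshold' versus random remediation at equal effort."""
    rule = score(vulns, lambda v: v.cvss >= threshold)
    return {"cvss_rule": rule, "random": random_baseline(vulns, int(rule["effort"]))}

if __name__ == "__main__":
    for threshold in (7.0, 9.0):
        print(threshold, compare_cvss_rule(SAMPLE, threshold))
```

On the constructed data the 7.0 rule patches half the backlog and ends up with exactly the coverage and efficiency that random remediation of the same size would be expected to achieve, which is the "as effective as chance" outcome the study reports for many strategies.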
Karim Toubba, CEO, Kenna Security, said: “Businesses can no longer afford to react to cyber threats, as the research shows that most common vulnerability remediation strategies are about as effective as rolling dice. But there is hope – a predictive model based on cutting-edge data science is more efficient, requires less effort, and provides better coverage of an enterprise’s attack surface.”
Jon Oltsik, senior principal analyst at the Enterprise Strategy Group (ESG), added that these systems are “moving beyond real-time assessments by forecasting weaponisation and risk well before an attack is possible”. He went on to say this proactive approach can help organisations anticipate attacker behaviour.