Failure to patch is leaving companies open to attack

One in four organizations have been breached because of unpatched vulnerabilities according to a new report from Tripwire on vulnerability management trends.

The firm surveyed 340 infosecurity professionals to reveal that 24 percent  of global organizations have been breached as a result of unpatched vulnerabilities with an even higher rate in Europe of 34 percent.

Vulnerability management begins with visibility of the attack surface and Tripwire's report found that 59 percent of global organizations are able to detect when new hardware and software are on their networks within minutes or hours.

However, this manual effort has proved difficult for many organizations and almost half (47%) report that less than half of their assets are discovered automatically including 13 percent who don't even use automatic discovery solutions.

Unpatched vulnerabilities

In order to assess the attack surface for vulnerabilities, 88 percent of those surveyed said they run vulnerability scans but Tripwire's research found that organizations address vulnerabilities with varying degrees of effectiveness.

The use of authenticated scans has improved compared with a past report and 63 percent now say they conduct authenticated scans as part of their vulnerability assessment. However, more than one third (39%) are still not scanning for the weekly as recommended by industry standards.

According to Tripwire's report, 16 percent of US organizations say they conduct vulnerability scans to meet compliance or other requirements though this rate was higher for European organizations at 21 percent.

Vice president of product management and strategy at Tripwire, Tim Erlin explained why organizations should be scanning for vulnerabilities more often, saying:

“How you assess your environment for vulnerabilities is important if you want to effectively reduce your risk. If you are not doing authenticated vulnerability scans, or not using an agent, then you are only giving yourself a partial picture of the vulnerability risk in your environment. And if you’re not scanning for vulnerabilities frequently enough, you’re missing new vulnerabilities that have been discovered, and you may miss assets that tend to go on and off the network, like traveling laptops.”

How It works

Search Crack for

Latest IT News

Jun 4
We spoke with MeetinVR about its new VR collaboration tool which aims to put human interaction back into virtual meetings.
Jun 4
Compatibility issue presented itself in testing a couple of months back, so it's not clear why it remains.
Jun 4
Avast warns iOS VPN apps could be fleeceware scam.
Jun 3
The new feature could be a game-changer, avoiding the need to use two separate programs for handling PDFs.
Jun 3
New figures showing desktop OS market share make for interesting viewing, especially for Linux fans.
Jun 3
Zoom withholds privacy features to better support law enforcement efforts
Jun 3
Windows 10's Disk Cleanup has been changed so that users no longer get the option to delete files in the Downloads folder.

Latest cracks