Security News > 2020 > September > Most security leaders feel their programs are mature, but data reveals otherwise

84% of security and IT leaders feel their enterprise programs are mature, but a deeper dive shows a major disconnect between perception and reality, Vulcan Cyber reveals.
"Given the amount of breaches caused by known, unpatched vulnerabilities, that reveals a surprising disconnect that merits a closer look. So we mapped the survey data to our maturity model - the only way to raise the bar for vulnerability management is to show IT leaders how to transition their programs from managing vulnerabilities to remediating them."
Key research findings
The most mature element of enterprise vulnerability management programs is vulnerability scanning, followed by the effective use of vulnerability remediation tools and vulnerability prioritization.
"Vulnerability scanning and prioritization are essential functions, but they are the bare minimum - not what constitutes a mature program," Bar-Dayan continues.
"In our experience, program bottlenecks are further along in the remediation lifecycle, stemming from inefficient cross-team collaboration. Changing that requires organizations to update and automate their remediation processes. It's a serious undertaking, but one that transforms vulnerability management programs into a powerful lever for shrinking security debt and strengthening the company's security posture."
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/dMwCYYfLJIs/