Security News > 2021 > March > Cybersecurity Bug-Hunting Sparks Enterprise Confidence

Nearly three-quarters of IT security professionals surveyed say they prefer to buy technology and services from vendors who are proactive about security, including leveraging ethical hacking and having transparent communications about vulnerabilities.

Thirty percent of those surveyed said they could patch a vulnerability in a week or less, but on average, it takes about six weeks to patch a bug from the time its first detected, with 63 percent saying delays are caused by "Human error."

"Security doesn't just happen," Suzy Greenberg, vice president, Intel Product Assurance and Security said.

Transparency about security updates and vulnerabilities was also a big deal for enterprises, with 64 percent of respondents noting, "The ability to be transparent about security updates and mitigations that are available," is "Highly important." Despite the need, only 48 percent of respondents say they're getting this kind of communication, the report added.

Twenty-one percent say it should be the CISO, 19 percent believe the CIO or CTRO should lead security efforts, and 17 percent think it's the business-unit leaders who should take responsibility.

"Organizations have an appetite for security assurance and evidence that components are operating in a known and trusted state. As an industry, we must not only assess risk, but ensure customers know when security updates are available to build trust. Our end goal is to take a transparent approach to security to protect customer workloads and improve software resilience, and we encourage our industry partners and competitors to follow suit."

News URL

https://threatpost.com/cybersecurity-bug-hunting-enterprise-confidence/164782/