Organizations taking nearly two months to remediate critical risk vulnerabilities

2022-03-10 06:00

The report reveals that organizations are still taking nearly two months to remediate critical risk vulnerabilities, with the average mean time to remediate across the full stack set at 60 days.

High rates of "Known" vulnerabilities which have working exploits in the wild, used by known nation state and cybercriminal groups are not uncommon.

Crucially, 57% of all observed vulnerabilities are more than two years old, with as many as 17% being more than five years old.

These are all vulnerabilities that have working exploits in the wild, used by known nation state and cybercriminal groups.

Healthcare organizations - despite the extreme pressure they endured in the past two years - came out on top, with an MTTR of just 44 days.

At the opposite end of the spectrum, the public administration sector took an average of 92 days to remediate known vulnerabilities - a month longer than the cross-industry average.

News URL

https://www.helpnetsecurity.com/2022/03/10/state-of-vulnerability-management/

#critical #vulnerabilities

News URL

Related news