Dive Brief:
- Poor management of software vulnerabilities at a company can be an indicator of overall poor cybersecurity governance practices, S&P Global Ratings said in a report released Monday.
- Companies that fail to identify and remediate vulnerabilities could be held accountable when they are assessed for their overall level of risk management and internal controls, according to S&P.
- The report cited data in the 2024 Verizon Data Breach Investigations Report, which noted exploitation of vulnerabilities almost tripled in 2023. S&P analyzes thousands of companies and poor cyber hygiene could place a company at risk of operational disruption, reputational loss and financial impacts.
Dive Insight:
The recognition and remediation of software vulnerabilities has become an increasingly urgent issue in the cybersecurity community in recent years.
These vulnerabilities involve flaws left behind in the code base of applications, which can allow malicious attackers to gain unauthorized access to computer systems.
Vulnerability management has become a key concern for preventing ransomware and other malicious…
