Nearly 48 percent of organizations globally have embraced strategic vulnerability assessment – defined as mature or moderately mature programs that include targeted and tailored scanning and prioritizing computing resources based on business criticality – as a foundational element of their cyber defense and a critical step toward reducing risk, a new Tenable report has revealed.
Of those organizations, however, only five percent display the highest degree of maturity, with comprehensive asset coverage as a cornerstone of their programs. On the other end of the spectrum, 33 percent of organizations take a minimalistic approach to vulnerability assessments, doing the bare minimum as required by compliance mandates and increasing the risk of a business-impacting cyber event.
What’s your vulnerability assessment strategy?
The company’s previous report revealed that attackers generally have a median seven-day window of opportunity to exploit a known vulnerability, before defenders have even determined they are vulnerable. The resulting seven-day gap is directly related to how enterprises are conducting vulnerability assessments – the more strategic and mature the…
