Action1 Corporation, a provider of a risk-based patch management platform designed for work-from-anywhere enterprises, released its 2023 State of Vulnerability Remediation Report. Based on feedback from 804 IT professionals, the report reveals critical gaps in vulnerability management within organizations, which are being overlooked by executive leadership teams despite high-profile breaches and increased emphasis on cybersecurity from the authorities. These gaps leave organizations vulnerable to cyber threats.
Key findings of the report:
- The time to combat low cybersecurity awareness among employees has increased over the past year.
- 10 percent of organizations suffered a breach over the past 12 months, with 47 percent of breaches resulting from known security vulnerabilities; phishing was the most common attack vector reported by 49 percent of respondents; 54 percent of victims had their data encrypted by ransomware.
- IT teams rank the lack of support from the executive team for cybersecurity initiatives as the key threat to cyber resilience. Many IT teams also face operational issues that leave no time for cybersecurity.
- 30 percent of organizations take more than a month to detect known vulnerabilities.
- 38 percent of organizations fail to prioritize security flaws, while 40 percent take more than a month to remediate known vulnerabilities (of them, 24 percent take more than 3 months).
- On average, 20 percent of endpoints remain continuously unpatched due to laptop shutdowns or update errors.
Get the complete report here: www.action1.com/2023-state-of-vulnerability-remediation-report/
