20 percent of endpoints have legacy security vulnerabilities

According to a new report, at least 20 percent of enterprise endpoints remain unpatched after the remediation is completed, meaning that a fifth of machines still have a significant number of legacy vulnerabilities that could be exploited at any time.

The study of over 800 IT professionals from Action1 Corporation finds 10 percent of organizations suffered a breach over the past 12 months, with 47 percent of breaches resulting from known security vulnerabilities.

Endpoints remain remain continuously unpatched due to laptop shutdowns or update errors. In addition 38 percent of organizations fail to prioritize security flaws, while 40 percent take more than a month to remediate known vulnerabilities (of these, 24 percent take more than three months). In addition the study shows that 48 percent of organizations don't evaluate the effectiveness of their vulnerability remediation efforts.

Phishing is the most common attack vector reported by 49 percent of respondents and 54 percent of victims had their data encrypted by ransomware. Also worrying is that 30 percent of organizations say they take more than a month to detect known vulnerabilities.

"The gaps in the detection and prioritization stages of vulnerability management suggest the actual proportion of unpatched endpoints could be much higher. Organizations must ensure effective communication on all levels to eliminate these gaps, implement automation, and build cyber resilience," says Alex Vovk, CEO and co-founder of Action1. "Otherwise, we risk another year of costly breaches."

The full report is available from the Action1 site.

Image credit: billiondigital/depositphotos.com