Last year's cybersecurity issues could still be this year's nightmares
It can seem like securing systems is all about new threats and zero-day issues. But research from exposure management platform CyCognito shows that older issues can still be a problem.
It shows two percent of organizations have assets still vulnerable to Log4j. What's more over 50 percent of attempted patches require multiple rounds of validation before the patch is successful, often because of incomplete or inaccurately followed remediation instructions -- effectively prolonging the exposure window.
Older vulnerabilities that are still a risk, despite patches having been issued, include not only Log4j but also MOVEit, DarkBeam, Juniper Networks and CitrixBleed.
The research points out that comprehensive exposure management requires continuous monitoring for new assets and actively testing vulnerabilities that could put your organization at risk.
You can read more on the CyCognito blog and there's an infographic of the risks below.
Image credit: tommaso1979/depositphotos.com