Over 60 percent of enterprise cybersecurity incidents relate to known risks
A new Cloud Risk Exposure Impact Report from ZEST Security shows that 62 percent of incidents are directly related to risks the security team had previously identified, researched fixes for, and had open tickets for remediation in the backlog.
The survey of over 150 security decision makers working in large US enterprises reveals that it takes 10 times longer to remediate vulnerabilities than it takes for attackers to exploit them, highlighting a significant advantage for attackers.
The cost of remediation is high too, based on the time, resources, and effort reported by respondents it amounts to over $2 million annually.
"There is a direct correlation between delays in remediation and the rise in security incidents," says Snir Ben Shimol, CEO and co-founder of ZEST Security. "Before this research, there was very little data quantifying just how much backlogged vulnerabilities and misconfigurations contribute to cloud incidents. The findings from this survey make it clear that visibility alone is not enough. Organizations require a more effective approach to remediation and mitigation to reduce cloud incidents."
Contributing to the high number of incidents tied to known risks is that 87 percent of survey respondents report a typical backlog of over 100 critical and under SLA security tickets. Six plus weeks is the average time it takes to remediate an application vulnerability in production. In addition 56 percent of risks can’t be remediated because there's no patch available, a legacy system cannot support an upgrade, or other factors.
In addressing the issue effort-based prioritization is a top approach with 53 percent reporting that more effective outcomes were a result of prioritizing remediation based on the number of issues resolved with a single fix. Automation is another approach with a third or more of respondents saying they want to adopt it for triage and root cause analysis, identifying the owner of open tickets, and prioritization efforts. 84 percent report researching mitigating controls, such as cloud-native services or tools like web application firewalls (WAFs), to reduce the risk or severity of vulnerabilities when remediation is not immediately possible.
"The findings of this report emphasize how important it is for organizations to develop risk remediation plans, similar to incident response plans, with stricter SLAs for addressing critical and high-risk vulnerabilities to reduce incidents," adds Shimol. "This shift will also be influenced by regulations, which are likely to shorten recommended timelines due to the rapid decrease in the time it takes for attackers to exploit vulnerabilities, now in just days."
The full report is available from the ZEST site.
Image credit: Elnur_/depositphotos.com