Security teams struggle to prioritize and patch vulnerabilities
According to a new report 39 percent of security professionals say they struggle to prioritize risk remediation and patch deployment, with 35 percent saying they struggle to maintain compliance when it comes to patching vulnerabilities.
The study from Ivanti also finds 87 percent of security pros feel they do do not have access to the critical data needed to make informed security decisions. In addition 46 percent believe IT teams lack urgency when addressing cybersecurity problems.
In addition 40 percent of organizations say the different tools used by IT and security teams contribute to a tech divide, leading to friction between the two groups. This is especially true of patch management, with security teams focussed on rapid testing and deployment of patches while IT teams want to balance these efforts against the impact on the wider business.
An ‘everything is urgent’ mentality can end up pressuring IT teams to deploy patches before adequate testing has taken place, increasing the risk of unplanned outages and the need to roll back updates.
There are mixed feelings about the use of AI. More than half (53 percent) of security pros say security teams use AI more effectively than threat actors, compared to 21 percent who say threat actors will exploit AI to their advantage. Yet, 46 percent report that they lack the talent to deploy sophisticated AI-fueled technologies, and the same number (46 percent) note that the cost of AI tools limits their adoption.
“If you’re using a risk-based prioritization system, AI can pull in massive amounts of information from a variety of different sources and tools, analyze that information and use predictive models to make risk-based scoring as efficient as possible,” says Chris Goettl, vice president of product management, endpoint security at Ivanti. “After you identify your risk appetite, the next step is configuring automation to continuously monitor and remediate any needed updates in alignment with your risk prioritization.”
You can get the full report from the Ivanti site.
Image credit: WrightStudio/depositphotos