Aberdeen Group says, "Any organization whose business involves networks, computers and application software is at risk due to vulnerabilities in these assets that can potentially be exploited."
This is just one of the interesting findings featured in the report - ‘Is Your Vulnerability Management Program Leaving You at Risk? (Most Likely, Yes)' which highlights how companies may actually be ignoring 80-90% of their end-point security risk due to lack of investment in effective risk management initiatives.
Other key findings include:
- Companies with top performance in vulnerability management adopt an optimised, comprehensive, and risk-based approach.
- "Although senior management already understands the importance of managing vulnerabilities as part of their overall risk management strategies, they should take a closer look to ensure that they are not inadvertently accepting risks by ignoring them (e.g. in the case of third-party vulnerabilities)."Source: Aberdeen Group 2011
Download the report here.
As a follow-up to these findings, Aberdeen Group has also published a new video, ‘Is Your Vulnerability Management Program Leaving You at Risk?' In the video, Derek Brink, VP & Research Fellow, IT Security at Aberdeen Group and Secunia's Research Analyst Director Stefan Frei discuss the risks of mismanaging vulnerabilities. Part one focuses on why investing only a minimal amount per end-user on vulnerability management initiatives is the same as accepting a significant amount of risk. Part two then illustrates how implementing an intelligent patching strategy can significantly reduce end-point security risks.
We hope you find this report and video valuable resources for your vulnerability management assessment and planning.