Connect with us

/home/grassnews/public_html/wp-content/themes/zox-news/parts/post-single.php on line 153
">
Warning: Undefined array key 0 in /home/grassnews/public_html/wp-content/themes/zox-news/parts/post-single.php on line 153

Warning: Attempt to read property "cat_name" on null in /home/grassnews/public_html/wp-content/themes/zox-news/parts/post-single.php on line 153

Tripwire Report: 1 in 4 Organizations Breached Because of Unpatched Vulnerabilities

Published

on

Reading Time: 3 minutes

New findings evaluate how organizations are managing vulnerability risks

LONDON–(BUSINESS WIRE)–(Infosecurity Europe, Stand #E50) – Tripwire,
Inc.
, a leading global provider of security and compliance solutions
for enterprises and industrial organizations, today announced the
release of a new report on vulnerability management trends. The survey,
conducted by Dimensional Research in May 2019, included responses from
340 infosecurity professionals.

Tripwire evaluated how organizations are managing vulnerability risks
and found that more than one in four (27 percent) globally have been
breached as a result of unpatched vulnerabilities, with an even higher
rate in Europe (34 percent). Vulnerability management starts with
visibility of the attack surface, and Tripwire’s report found that 59
percent of global organizations are able to detect new hardware and
software on their networks within minutes or hours. However, this is a
difficult manual effort for many; almost half (47 percent) report that
less than half of their assets are discovered automatically, including
13 percent who don’t even use automatic discovery solutions.

“Finding vulnerabilities is just a part of an effective vulnerability
management program,” said Tim Erlin, vice president of product
management and strategy at Tripwire. “It’s important for organizations
to focus on building a program instead of deploying a tool.
Vulnerability management has to include asset discovery, prioritization,
and remediation workflows in order to be effective at reducing risk.”

Advertisement
Stake.com

In assessing the attack surface for vulnerabilities, 88 percent of
infosecurity professionals said they run vulnerability scans, but the
research found that organizations address vulnerabilities with varying
degrees of effectiveness. Compared with
a past report
, the use of authenticated scans has improved, with 63
percent saying they conduct authenticated scans as part of their
vulnerability assessment. Despite this progress, more than one-third (39
percent) are still not scanning weekly – or more often – as recommended
by industry standards.

Erlin added: “How you assess your environment for vulnerabilities is
important if you want to effectively reduce your risk. If you are not
doing authenticated vulnerability scans, or not using an agent, then you
are only giving yourself a partial picture of the vulnerability risk in
your environment. And if you’re not scanning for vulnerabilities
frequently enough, you’re missing new vulnerabilities that have been
discovered, and you may miss assets that tend to go on and off the
network, like traveling laptops.”

The ability to reduce vulnerability risks varies among organizations.
According to Tripwire’s report, 16 percent of U.S. organizations said
they only conduct vulnerability scans to meet compliance or other
requirements. This rate was higher for European organizations, at 21
percent.

“Meeting a regulation or compliance requirement does not necessarily
mean you’ve effectively managed your security risk,” Erlin concluded.
“Compliance requirements are most often about protecting someone other
than your organization. That might be the consumer or credit card
companies or another entity. Securing your business requires that you
define an acceptable level of risk and manage to that target.”

Fifty percent of infosecurity professionals said they conduct
vulnerability scans to reduce risk, but only have the bandwidth to focus
on high-severity vulnerabilities. Nearly all respondents indicated that
constraints like people and processes (78 percent) and budget (65
percent prevent them from addressing all of the vulnerabilities they
want to tackle.

Advertisement
Stake.com

To ease constraints for organizations with limited in-house
cybersecurity resources, Tripwire recently launched vulnerability
management as a service with an expansion of Tripwire®
ExpertOps
. The company has also added additional service tiers
for Tripwire ExpertOps VM, offering more extensive analysis and
personalized consulting.

Tripwire is also announcing enhancements to Tripwire IP360™, its
enterprise-class vulnerability management solution. Tripwire IP360
version 9.1.0 will feature a new integrated user interface, improved
offline agent data collection, enhanced security features, improvements
to support robust configuration, and new capabilities for assessing data
at rest.

For more findings on Tripwire’s report, please visit: https://www.tripwire.com/state-of-security/wp-content/uploads/sites/3/Tripwire-Dimensional-Research-VM-Survey.pdf

For more information on Tripwire’s vulnerability management
capabilities, please visit: https://www.tripwire.com/solutions/vulnerability-and-risk-management/

About Tripwire

Tripwire is a leading provider of integrity assurance solutions that
improve security, compliance and IT operations in enterprises,
industrial organizations, service providers and government agencies.
Tripwire solutions are based on high-fidelity asset visibility and deep
endpoint intelligence combined with business context; together, these
solutions integrate and automate security and IT operations. Tripwire’s
enterprise-class portfolio includes file integrity monitoring,
configuration management, asset discovery, vulnerability management and
log collection that supports all widely used industry-standard
frameworks.

Advertisement
Stake.com

Learn more at www.tripwire.com,
get security news, trends and insights at www.tripwire.com/blog,
or follow us on Twitter @TripwireInc.

Contacts

Tripwire, Inc.
Ray Lapena, +1 714-624-8862
PR Manager
[email protected]

Advertisement
Stake.com

Warning: Undefined array key 0 in /home/grassnews/public_html/wp-content/themes/zox-news/parts/post-single.php on line 493

Warning: Attempt to read property "cat_ID" on null in /home/grassnews/public_html/wp-content/themes/zox-news/parts/post-single.php on line 493

Cannabis

Global Medical Cannabis Market Size To Worth USD 121.33 Billion By 2033 | CAGR Of 21.30%

Published

on

Continue Reading

Cannabis

Pressure BioSciences, Inc. to Host Business and Financial Update on Thursday, June 20th at 4:30pm ET

Published

on

Continue Reading

Cannabis

Global Industrial Hemp Market Size To Worth USD 24.30 Billion By 2033 | CAGR Of 16.27%

Published

on

Continue Reading
Advertisement
Stake.com

Latest news

Trending on Grassnews

GrassNews.net: Your premier portal for the latest developments in the cannabis industry. We provide timely news, insightful analysis, and in-depth features on everything from legislation changes and business trends, to scientific research and lifestyle topics. Stay informed and navigate the rapidly evolving cannabis landscape with GrassNews.net..

Contact us: [email protected]

Editorial / PR Submissions

Copyright © 2007 - 2024 Hipther Agency. Registered in Romania under Proshirt SRL, Company number: 2134306, EU VAT ID: RO21343605. Office address: Blvd. 1 Decembrie 1918 nr.5, Targu Mures, Romania