Over 8,000 vulnerabilities were published in the first quarter of 2022.1 If this rate continues to increase, organizations could see a 25 percent increase in vulnerabilities since 2021. Additionally, 10 percent of vulnerabilities have a critical score2 which raises even more concern for IT and Security teams.

Most companies take 60 days to successfully remediate a critical vulnerability, and it varies by industry. Healthcare averages 44 days to remediate known vulnerabilities, while public administration takes over 90.3 Higher Mean Time to Remediate (MTTR) means more opportunities for cyber attacks. Thus, companies need faster remediation. So, how can they speed remediation?

The remediation process involves prioritizing vulnerabilities, correlating them with available fixes, and successfully deploying the fixes. The correlation step is often manual and the most time-consuming part of the process. Automation research and correction time will speed the remediation process and reduce MTTR. While much of the effort is spent on recently published and zero-day vulnerabilities, older vulnerabilities still present a significant security threat. In 2020, 75 percent of attacks exploited vulnerabilities that were at least three years old, and 18 percent exploited vulnerabilities that were at least seven years old.4 Unpatched known vulnerabilities pose major security risks. In fact, according to Ponemon, 60 percent of breached companies said their exposure was due to unpatched known vulnerabilities where patches were not applied.5

Although CISOs and CIOs establish goals that drive down MTTR and patch known vulnerabilities, they need the right tools. With the advent of BigFix Insights for Vulnerability Remediation, organizations now have an opportunity for achieving both objectives. By leveraging the power and efficiency of BigFix companies can identify, patch, and remediate all known vulnerabilities and by doing so reduce MTTR.

BigFix Insights for Vulnerability Remediation is included with several BigFix offerings. To learn more, schedule a demonstration or visit www.BigFix.com.

[1] https://nvd.nist.gov

[2] https://www.cvedetails.com

[3] https://www.prnewswire.com/news-releases/organizations-take-an-average-of-60-days-to-patch-critical-risk-vulnerabilities-301496256.html

[4] https://www.checkpoint.com/downloads/resources/cyber-security-report-2021.pdf

[5] https://www.servicenow.com/lpayr/ponemon-vulnerability-survey.html


Comment wrap
Further Reading
Automation | September 26, 2022
How to Simplify In-place Windows Upgrades using BigFix
Upgrading Windows is common practice in order to take advantage of new OS and security features.  While upgrading is recommended, the upgrading can be notoriously slow and problematic. For organizations using BigFix, the process is easier and more full-proof.
Automation | August 4, 2022
Vulnerability Management is more than checking a box
Softchoice and BigFix, collaborated to produce an informative webinar emphasizing that vulnerability management and continuous compliance are no longer nice to have but a minimum standard of operation.
Filters result by