HCL SW Blogs
Select Page

Over 8,000 vulnerabilities were published in the first quarter of 2022.1 If this rate continues to increase, organizations could see a 25 percent increase in vulnerabilities since 2021. Additionally, 10 percent of vulnerabilities have a critical score2 which raises even more concern for IT and Security teams.

Most companies take 60 days to successfully remediate a critical vulnerability, and it varies by industry. Healthcare averages 44 days to remediate known vulnerabilities, while public administration takes over 90.3 Higher Mean Time to Remediate (MTTR) means more opportunities for cyber attacks. Thus, companies need faster remediation. So, how can they speed remediation?

The remediation process involves prioritizing vulnerabilities, correlating them with available fixes, and successfully deploying the fixes. The correlation step is often manual and the most time-consuming part of the process. Automation research and correction time will speed the remediation process and reduce MTTR. While much of the effort is spent on recently published and zero-day vulnerabilities, older vulnerabilities still present a significant security threat. In 2020, 75 percent of attacks exploited vulnerabilities that were at least three years old, and 18 percent exploited vulnerabilities that were at least seven years old.4 Unpatched known vulnerabilities pose major security risks. In fact, according to Ponemon, 60 percent of breached companies said their exposure was due to unpatched known vulnerabilities where patches were not applied.5

Although CISOs and CIOs establish goals that drive down MTTR and patch known vulnerabilities, they need the right tools. With the advent of BigFix Insights for Vulnerability Remediation, organizations now have an opportunity for achieving both objectives. By leveraging the power and efficiency of BigFix companies can identify, patch, and remediate all known vulnerabilities and by doing so reduce MTTR.

BigFix Insights for Vulnerability Remediation is included with several BigFix offerings. To learn more, schedule a demonstration or visit www.BigFix.com.

[1] https://nvd.nist.gov

[2] https://www.cvedetails.com

[3] https://www.prnewswire.com/news-releases/organizations-take-an-average-of-60-days-to-patch-critical-risk-vulnerabilities-301496256.html

[4] https://www.checkpoint.com/downloads/resources/cyber-security-report-2021.pdf

[5] https://www.servicenow.com/lpayr/ponemon-vulnerability-survey.html


Comment wrap
Further Reading
US Federal Government Exerts Authority in Cybersecurity
Automation | February 28, 2023
US Federal Government Exerts Authority in Cybersecurity: Impacts Felt Around the World
Here, we highlight each of these actions and describe how HCL BigFix supports the government’s (and any organization’s) initiatives to strengthen the ability to prevent cyberattacks.
BigFix on Cloud
Automation | February 20, 2023
Accelerate Your Endpoint Management with BigFix on Cloud
As endpoints continue to grow in volume and diversity, managing and securing them has become more complex and time-consuming.
Oracle Increases Prices for Java
Automation | February 8, 2023
Oracle Increases Prices for Java – Look to BigFix for a Solution
To help our customers navigate this Oracle change, BigFix Inventory can identify which machines have Oracle Java to avoid unexpected license compliance issues.
Filters result by