The patch-as-needed era of vulnerability management is over – remediation is king

The patch-as-needed era of vulnerability management is over – remediation is king

For years now, CISOs have known that they operate in a when-not-if threat landscape. The daunting task of policing all possible inroads while retaining business agility is one that all security professionals face. What to do? Where to begin? For those of you stuck in such a loop, one of the soundest first steps you can take is to address vulnerability management.

In its 2020 Data Breach Investigations Report, Verizon tracked more than 4,200 incidents and 185 confirmed data exfiltrations across Europe, the Middle East and Africa (EMEA). Region wide, it found that the exploitation of vulnerabilities continues to represent a trifling proportion of incidents and breaches. This is easily explained by looking at the main motives for campaigns. According to Verizon's researchers, 70 percent of attacks are financially motivated, so bad actors are more likely to target low-hanging fruit. It therefore follows that effective patching is one of the best ways to protect your digital estate.

One of the enduring roadblocks to robust to vulnerability management, detection and response (VMDR) is the evolution of internal IT ecosystems, particularly as this relates to the coming and going of new devices (each with its own micro-ecosystem of apps and vulnerabilities). This architectural flux