Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety- and security-related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, and the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
Vulnerability Management: Smarter Patching Better Addresses Real-World Risks
Today’s IT and security professionals are increasingly challenged to patch software vulnerabilities in a timely fashion, even though it’s well known that vulnerabilities for which a patch had long been available are exploited in a significant percentage of breaches. 77% of the respondents to a Ponemon Institute survey said that their organization simply didn’t have enough resources to keep up with the volume of patches that need to be applied. This represents a 5% increase from what enterprise security teams reported just two years ago. And it’s occurring despite the fact that enterprise teams now spend an average of 206 hours per week patching applications and systems at an average weekly labor cost of $12,875.
It requires a gargantuan effort to keep up with the torrent of vulnerabilities that are assigned Common Vulnerabilities and Exposures (CVE) identifiers each year. Roughly 18,000 such vulnerabilities were reported in 2020, and nearly 60% of these were considered “high” or “critical” priority. Despite the sense of urgency this situation creates, a mere 5.5% of these are known to have actually been exploited by threat actors. And many of these weren’t even assigned the highest severity scores. This small subset of vulnerabilities does, however, tend to be used over and over again in attacks.
This means that if vulnerability management teams could identify in advance the few vulnerabilities that attackers will target most often, they could save themselves massive amounts of time and effort, reducing more risk with fewer patches.
With intelligence, your team can figure out which vulnerabilities are actually being weaponized and exploited, and which ones adversaries are ignoring. In addition, tailoring intelligence to your own technology stack allows you to discover newly disclosed vulnerabilities long before they’re added to the National Vulnerability Database. This allows your organization to stay in front of new, high-risk vulnerabilities.
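The prioritization argument above can be made concrete with a small added example (not part of the original report): it filters an advisory feed to the organization's own stack, then compares a severity-only patch queue with one that puts known-exploited vulnerabilities first. All identifiers, product names, scores and exploitation flags below are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Advisory:
    vuln_id: str     # constructed placeholder, not a real CVE identifier
    product: str     # hypothetical product name
    severity: float  # severity score, 0.0-10.0
    exploited: bool  # intelligence reports exploitation in the wild

# Constructed sample feed and technology stack (assumptions for illustration).
ADVISORIES = [
    Advisory("EXAMPLE-0001", "web-gateway", 9.8, False),
    Advisory("EXAMPLE-0002", "mail-server", 7.5, True),
    Advisory("EXAMPLE-0003", "vpn-appliance", 6.5, True),
    Advisory("EXAMPLE-0004", "hr-portal", 9.1, True),
    Advisory("EXAMPLE-0005", "web-gateway", 8.8, False),
    Advisory("EXAMPLE-0006", "mail-server", 5.3, False),
]
STACK = {"web-gateway", "mail-server", "vpn-appliance"}

def in_stack(advisories, stack):
    """Keep only advisories for products the organization actually runs."""
    return [a for a in advisories if a.product in stack]

def severity_queue(advisories):
    """Patch order driven by severity score alone."""
    return sorted(advisories, key=lambda a: -a.severity)

def intel_queue(advisories):
    """Patch order that puts known-exploited vulnerabilities first."""
    return sorted(advisories, key=lambda a: (not a.exploited, -a.severity))

def patches_to_cover_exploited(queue):
    """Patches applied, in queue order, before every exploited entry is fixed."""
    positions = [i for i, a in enumerate(queue, start=1) if a.exploited]
    return max(positions, default=0)

if __name__ == "__main__":
    relevant = in_stack(ADVISORIES, STACK)
    for name, build in (("severity", severity_queue), ("intel", intel_queue)):
        queue = build(relevant)
        print(name, [a.vuln_id for a in queue],
              "-> patches needed:", patches_to_cover_exploited(queue))
```

On this constructed data the severity-only queue reaches the last exploited vulnerability with its fourth patch, while the intelligence-driven queue closes both exploited vulnerabilities with the first two.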