At the same time, the risk is increasing. According to thefindings, there was a 17% increase in cyberattacks over the past year, and 60% of breaches were linked to a vulnerability where a patch was available, but not applied. The study surveyed almost 3,000 security professionals in nine countries to understand how organisations are responding to vulnerabilities.In this report, ServiceNow presents the consolidatedfindings and comparisons to its 2018 study,Today’s State of Vulnerability Response: Patch Work Requires Attention.
The survey results reinforce a need for organisations to prioritise more effective and efficient security vulnerability management:
Thefindings also indicate a persistent cybercriminal environment, underscoring the need to act quickly:
The report points to other factors beyond staffing that contribute to delays in vulnerability patching:
According to thefindings, automationdelivers a significant payoff in terms of being able to respond quickly and effectively to vulnerabilities. Four infive (80%) of respondents who employ automation techniques say they respond to vulnerabilities in a shorter timeframe through automation.
“This study shows the vulnerability gap that has been a growing pain point for CIOs and CISOs,” said Jordi Ferrer, Vice President and General Manager UK&I at ServiceNow. “Companies saw a 30% increase in downtime due to patching of vulnerabilities, which hurts customers, employees and brands. Many organisations have the motivation to address this challenge but struggle to effectively leverage their resources for more impactful vulnerability management. Teams that invest in automation and maturing their IT and security team interactions will strengthen the security posture across their organisations.”