There are two ugly truths of cybersecurity. The first is that it takes a lot longer for cybersecurity professionals to discover the presence of malware than anyone cares to admit. The second is that it takes a lot longer to remediate a vulnerability than most business leaders realize.
A survey of 200 IT professionals published this week by Adaptiva, a provider of endpoint security software, highlights the extent of the challenge IT organizations face. More than half the respondents (52%) said it takes their organization up to a week to remediate a vulnerability, while 22% said it can take a month or more. Only slightly more than a quarter (26%) said they can remediate vulnerabilities the day they are found.
In addition, patching applications and patching the Windows OS are tied at 44% as the top security challenges that organizations face. Nearly half the respondents (47%) also cite scanning endpoints for vulnerabilities as the most challenging security best practice to follow. In theory, Windows 10 might make it easier for organizations to address some of these issues. However, the survey notes only 29% of companies will have completed migration to Windows 10 before the Jan. 14, 2020, end-of-life support deadline for Windows 7 arrives in a little over two months. A total of 87% said they will only have more than half of their systems migrated to Windows 10 by then.
Stretched thin on security
A big part of the cybersecurity challenges organizations face is tied to the size of the IT staff relative to the scope of the problem. Only 17% of respondents said they believe they are well-staffed enough to do security right. Nearly two-thirds (73%) said they are being stretched thin, and 10% said they cannot meet high-priority needs and/or are unable to perform essential security operations.
Naturally, that shortage of skills makes a powerful case for investing in automation. Well over a third (36%) said that responses to over half of the help desk tickets that get generated can be automated.
Overcoming the remediation gap
The remediation gap is likely to become a bigger problem before it gets better. Cybercriminals are getting more efficient at discovering vulnerabilities. In some cases, they are continuously scanning high-value targets in the hope that someone makes a mistake they can exploit in a matter of minutes. It’s more than apparent that IT organizations are going to need to invest in higher levels of automation, for example in the form of machine learning algorithms, to respond effectively.
The challenge is that while cybersecurity professionals are starting to appreciate how those algorithms might augment their expertise, the costs associated with automation are frequently viewed as being prohibitive. It’s not at all clear when the cost of next-generation cybersecurity technologies that incorporate higher levels of automation is going to be deemed affordable by the average enterprise. In the absence of those types of investments, the remediation gap will only grow wider because there are not enough people to throw at the problem.
Given that chronic shortage of cybersecurity skills, it’s only a matter of time before organizations make these investments. The real issue many of them are struggling with is how long they can put off those investments because the current heroic manual efforts of the IT team are deemed good enough, which is, of course, the equivalent of continuing to punish IT staffs for their success regardless of the toll being inflicted.
Mike Vizard has covered IT topics for more than 25 years and has edited or contributed to a number of technology publications, including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.