Every Minute Counts When Addressing Cyber Vulnerabilities

A recent survey conducted by cybersecurity firm Swimlane revealed that a significant majority of organizations are slow to address critical vulnerabilities, leaving them exposed to potential cyberattacks.

The study found that 68 percent of organizations take more than 24 hours to remediate critical security flaws, a delay that can be exploited by cybercriminals to gain unauthorized access to systems.

One of the primary challenges highlighted by the survey is the difficulty in prioritizing vulnerabilities. Approximately 37 percent of respondents cited a lack of accurate context as a major obstacle, while 35 percent pointed to incomplete information as a significant issue. These factors contribute to delays in addressing vulnerabilities, increasing the risk of exploitation.

The survey also revealed that many organizations rely heavily on manual processes for vulnerability management. About 45 percent of organizations use a combination of manual and automated methods, but manual efforts can consume up to 50 percent of workers' time on vulnerability management tasks.

Over half of the workers surveyed reported spending more than five hours each week consolidating and normalizing data from various sources. This reliance on manual processes not only slows response times but also diverts attention from more strategic cybersecurity initiatives.

Financially, the impact of these inefficiencies is substantial. Businesses lose an estimated $47,580 per employee each year due to manual tasks associated with vulnerability management. Moreover, 73 percent of respondents expressed concerns about facing penalties for inadequate vulnerability management practices.

Source: https://www.msn.com/en-gb/money/technology/racing-against-time-on-a-menacing-caldera-survey-finds-majority-of-organizations-take-days-to-tackle-critical-vulnerabilities-each-of-them-a-potential-open-goal-for-cybercriminals/ar-AA1xr8OU

Commentary

A timely response to critical vulnerabilities is essential for maintaining the security, integrity, and operational stability of an organization. Failing to respond quickly can leave systems exposed to exploitation, often with devastating consequences.

Here's why timely response is crucial and what steps organizations can take to improve their responsiveness:

  • Critical vulnerabilities are often publicly known and actively exploited within hours or days of discovery.
  • The longer a system remains unpatched or unprotected, the higher the likelihood of a successful attack.
  • Attackers exploit vulnerabilities to steal sensitive data, including customer records, financial information, and intellectual property.
  • A fast response helps block access before intrusions occur.
  • Exploits can lead to ransomware attacks, service outages, or system corruption.
  • Rapid remediation helps ensure systems remain operational and downtime is minimized.
  • Data breaches and service disruptions result in regulatory penalties, lawsuits, customer loss, and brand damage.
  • Timely mitigation shows due diligence, which can reduce fines and liability.
  • High-profile incidents can permanently damage customer and partner trust.
  • A prompt and transparent response demonstrates responsible cybersecurity governance.
  • Cybercriminals often use automated tools to scan for, and exploit, known vulnerabilities.
  • Delays mean even non-targeted organizations can fall victim to opportunistic attacks.

The final takeaway: the time to prepare for a timely response to a breach is now.
