In 2020, 17,447 vulnerabilities were detected, 43% more than in 2019 and the highest number of records in a single year in all history. The figure is staggering and at the same time, overwhelming, because it brings with it the tedious, repetitive and unrewarding task of patching.
Patching helps to close gaps before an attacker can exploit the vulnerability, so it appears as a task of extreme urgency. However, an action that might seem simple is, in reality, highly complex given the number of applications, devices or operating systems that require the attention of operators.
According to a report by the security firm Edgascan, it takes organizations around 67 days to patch a discovered vulnerability. The most efficient - 22% - take up to 7 days; 21% take up to 31 days; 30% between 31 and 90 days; and a quarter takes 91 days and more .
A successful patch depends on many factors, among which the existence of legacy systems within organizations or those systems that are not supported should not be overlooked. But when focusing on current products, the main elements to consider are the skills of professionals to execute a good patch and the notion about the universe that must be corrected. The reality is that very few organizations measure how much they must patch, because they do not have complete visibility over their systems.
The organization's low visibility is a risk that attackers could exploit. For this problem, Camel Secure developed Camel 360, a tool that allows, among multiple functions, to obtain complete visibility on systems, applications and devices.
Camel 360 also provides an automatic assessment of cyber risk to prioritize solutions and emphasizes the role of cybersecurity management and delivers a series of metrics that allow an easy understanding of the business risk associated with that management.
At Camel Secure, we manage the cyber risk of your business.
