Are you failing Security Basics 101?

Security tools are getting more sophisticated. DevOps is bringing us automation in operations, and a more holistic way of looking at how we manage infrastructure. But all too often, we’re not doing basic things to improve security and reliability, like protecting against known vulnerabilities.

Hewlett Packard Enterprise’s 2016 Cyber Risk Report points out that “29 percent of all exploits samples discovered in 2015 continued to use a 2010 Stuxnet infection vector that has been patched twice.” It takes an average of 103 days for companies to patch known network and security vulnerabilities, according to a study vulnerability risk management vendor NopSec ran last year; that goes down to 97 days for healthcare providers and up to 176 days for financial services, banking and education organisations. That’s not taking into account misconfigurations, or lack of communication between different teams.

To read this article in full or to leave a comment, please click here