Why you don’t have to fix every vulnerability
Image by Thinkstock
The word “vulnerability” typically comes with a “must fix now” response. However, not all vulnerabilities should be treated equally because not all of them pose a risk. It all depends on what the data represents. In fact, some vulnerabilities are OK to deprioritize, depending on associated threats and the value of the asset at risk. For example, a lock on a 20th floor window of a building is not as important as one on the ground level, unless the contents of the room are so valuable that a thief would take the effort to access such an unreachable place. Scans reveal thousands of vulnerabilities across all assets – networks, applications, systems and devices – but they do not show which ones could lead to a damaging compromise if not fixed immediately. It is not about ignoring vulnerabilities; it is about prioritizing how you apply your resources to remediate them. Bay Dynamics provides some examples of vulnerabilities that are OK to put on the back burner.
To read this article in full or to leave a comment, please click here
Read more: Why you don’t have to fix every vulnerability
More antivirus and malware news?
- Ballmer says Microsoft Surface sales off to ‘modest’ start
- Symantec Endpoint Protection CVE-2019-18372 Local Privilege Escalation Vulnerability
- Sweden bans cameras on drones, deeming it illegal surveillance
- New Custom RAT Hits Targets in East Asia
- Opsec Mistakes Allowed U.S. to Link North Korean Man to Hacks
- 8 advanced ways Vivaldi boosts your productivity
- SWIFT: More banks hacked; persistent, sophisticated threat is here to stay
- HP Warns That Some SSD Drives Will Fail at 32,768 Hours of Use
- Microsoft may offer some Windows 10 patch notes to enterprises
- Edgeless Systems Raises $5M for Trustworthy Data Processing