Unfortunately for companies large and small, cyber attacks show no sign of slowing down. Compounding the increased activity from hackers is the fact that security teams can only investigate 56% of the daily security threats they receive. According to Cisco’s 2017 Cybersecurity Report, 44% of alerts are left completely unexplored.
And the story doesn’t get better from there. Of the 56% that are investigated, 28% are considered legitimate threats, with only 46% of those remediated. That means that only 72 of every 1,000 threats are actually remediated, less than 8%, leaving 92% of threats unpatched and open to cyber attacks. If this sounds like a recipe for disaster, it is. 22% of respondents lost customers due to attacks and 29% experienced a loss of revenue.
If you are familiar with The Goal by Eliyahu M. Goldratt, then you’ll understand the findings of the Enterprise Strategy Group’s (ESG) Security Operations Challenges, Priorities, and Strategies Report. The study discovered that security operations has become a “bottleneck”, limiting organizations’ abilities to handle threats. A bottleneck is a critical issue and must be corrected before you can realize any improvement in results.
The bottleneck identified by ESG is threefold with limitations of people, processes, and technology. 54% of respondents said they had to ignore security alerts that should have received investigation due to a lack of staff and expertise. 35% were unable to keep up with the volume of reports, 30% said that their tools were poorly integrated, and 25% were challenged with informal processes that did as much harm as good.
These two studies highlight the need for improved operational efficiencies to combat security vulnerabilities. And as companies move more of their infrastructure to the cloud, their threat surface increases and the challenges become more difficult.
New tools are required, and not just for identification of vulnerabilities. As the data has shown, most companies already know what threats are out there; they simply can’t address all of them. ESG also found that just 17% of companies believe their SecOps team is staffed appropriately.
The answer to their concerns is automated remediation: the ability to handle the known threats quickly and simply. In fact, 39% of ESG respondents are planning to invest in technologies and processes to automate security related to incident response.
Automox has automated patch remediation, closing the loop on the last manual aspect of security and compliance solutions. Monitoring, detection, analysis and reporting have long been automated processes with remediation still requiring manual intervention, bringing the entire patching process to a grinding halt.
With Automox’s cloud-based platform, patching can be done across the entire infrastructure in minutes and is fully controlled by security managers. From a fully automated process that can apply patches without interruption to complete workflow customization based on company policies and existing security processes, Automox provides the perfect balance between automation and control.
Automated patch remediation helps security teams better utilize the resources they have and reduces the time spent on patching from weeks to minutes. And time is one of the most valuable tools in the security arsenal. The longer a threat goes unpatched, the more likely it is to be exploited. In a 2015 Verizon study, 90% of exploited vulnerabilities were more than a year old, with 20% being more than 10 years old. The ability to act quickly can be the difference between passing a security audit and making the front page of the news.
To learn more about automated patching and the improvements it can make in your security operations, drop us a line. Or check us out on your own and see how we do it. And you can always give us a try for free, with unlimited platform access.