By Craig Johnson, Senior Technical Solutions Architect, Forward Networks
Visibility and complexity, problems that have plagued cybersecurity and IT practitioners for decades, are still huge issues. A 2021 IDG survey found that 81% of practitioners struggle to identify the depth of a breach, and 68% find it challenging to identify what devices are in the network and its topology. This is not surprising. The network is now a piece of critical infrastructure that can't afford to go down, and its depth and breadth in the cloud and on premise is not something that many organizations could have imagined in the early ‘90s.
A Problem Already Too Big, and Growing
Security practitioners have always maintained that you cannot secure what you can't see, but what we can't see keeps growing. Take common vulnerabilities as an example. As of June 10, 2022, there were over 177,000 known CVEs (Common Vulnerabilities and Exposures) listed in the NIST Database. While security teams KNOW that remediating these vulnerabilities should be a priority, keeping up with numbers that high just isn't scalable for even the largest and most well-funded organizations.
While statistics may vary, security organizations are dealing with almost 55 critical vulnerabilities PER DAY and some recent data shows that organizations are taking nearly two months to remediate critical risk vulnerabilities, with an average mean time to remediate (MTTR) of 60 days. This is due to sheer volume, as well as difficulty in sharing prioritized, actionable information in a manner that is easy for network engineers to understand and act on. For example, when the network team receives the information, it's a raw report lacking specificity (e.g. which alerts are new). Without this level of detail, the process is still time-consuming and prone to human error... [READ MORE on VMBLOG]