arrow down
Arrow down
Arrow down
Arrow down
End-to-End Visibility
 | Jun 20, 2022

We Need New Visibility into Old Problems

By Craig Johnson, Senior Technical Solutions Architect, Forward Networks Visibility and complexity, problems that have plagued cybersecurity and IT practitioners for decades, are still huge issues. A 2021 IDG survey found that 81% of practitioners struggle to identify the depth of a breach, and 68% find it challenging to identify what devices are in the network and its […]

By Craig Johnson, Senior Technical Solutions Architect, Forward Networks

Visibility and complexity, problems that have plagued cybersecurity and IT practitioners for decades, are still huge issues. A 2021 IDG survey found that 81% of practitioners struggle to identify the depth of a breach, and 68% find it challenging to identify what devices are in the network and its topology. This is not surprising. The network is now a piece of critical infrastructure that can't afford to go down, and its depth and breadth in the cloud and on premise is not something that many organizations could have imagined in the early ‘90s.

A Problem Already Too Big, and Growing

Security practitioners have always maintained that you cannot secure what you can't see, but what we can't see keeps growing. Take common vulnerabilities as an example. As of June 10, 2022, there were over 177,000 known CVEs (Common Vulnerabilities and Exposures) listed in the NIST Database. While security teams KNOW that remediating these vulnerabilities should be a priority, keeping up with numbers that high just isn't scalable for even the largest and most well-funded organizations.

While statistics may vary, security organizations are dealing with almost 55 critical vulnerabilities PER DAY  and some recent data shows that organizations are taking nearly two months to remediate critical risk vulnerabilities, with an average mean time to remediate (MTTR) of 60 days. This is due to sheer volume, as well as difficulty in sharing prioritized, actionable information in a manner that is easy for network engineers to understand and act on. For example, when the network team receives the information, it's a raw report lacking specificity (e.g. which alerts are new). Without this level of detail, the process is still time-consuming and prone to human error... [READ MORE on VMBLOG]

Do you have any comments for us? Share them on social media

Craig Johnson

Craig Johnson serves as a Technical Solution Architect with Forward Networks. His work revolves around Public and Hybrid Cloud architectures, with a special emphasis on Automation and Security Posture Management.

Subscribe to our newsletter

Make sure you don't miss a post by signing up here for our monthly 'Moving Forward' newsletter

Related Posts

Browse all posts
Top cross linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram