NEW YORK, NY (May 17, 2017) – Bay Dynamics® unveiled today a new custom research report that shows most cyber security professionals do not trust the data coming from their security tools. “A Day in the Life of a Cyber Security Pro,” captures the challenges security professionals face every day managing millions of vulnerabilities at any given time along with incorrectly prioritized threat alerts.
Third party research firm Enterprise Management Associates conducted a survey of more than 400 cyber security professionals working in North America-based organizations with at least 5,000 employees. Respondents came from a variety of vital industries including finance, insurance, government, healthcare, retail, infrastructure and more.
Key highlights include:
- Enterprises with more than 20,000 employees manage more than 1.3 million vulnerabilities every 30 days
- 74% of respondents say they are overwhelmed by the volume of vulnerability maintenance work
- 79% of respondents say their patching approval process is significantly manual
- 64% of threat alerts are not addressed each day
- 52% of threat alerts are improperly prioritized by systems and must be manually re-prioritized
The report also shows a lack of transparency about organizations’ cyber risk posture. When asked to rate the level of maturity of their vulnerability management programs, 87% of respondents say they have a “very mature to moderately mature” patching process.
“Considering most respondents say they need to rely on manual methods to manage threats and vulnerabilities, it is clear there is a façade in front of security program maturity which is spread throughout the management chain,” said David Monahan, Security and Risk Management Research Director at Enterprise Management Associates. “When security professionals paint a rosier picture than reality, every role above them is falsely insulated leading to poor program decisions. That’s why transparency is essential. Everyone should have access to the same set of data at any moment in time.”
“Security professionals are overwhelmed by endless threats and vulnerabilities and are unable to decipher which ones could cause the most harm,” said Ryan Stolte, co-founder and CTO at Bay Dynamics. “They lack confidence in their security tools’ prioritization capabilities, and thus end up manually stitching together the information needed to re-prioritize the most critical vulnerabilities and imminent threats. To relieve the pain, security teams need a system of record that automatically prioritizes threats and vulnerabilities based on financial impact to the organization, delivers that information to the individuals responsible for action, and provides updates of their mitigation status.”
To download the report, visit: https://baydynamics.com/resources/report-day-life-cyber-security-pro/
To learn more about Bay Dynamics, visit: www.baydynamics.com
About Bay Dynamics
Bay Dynamics® enables enterprises and agencies to continuously quantify the financial impact of cyber risk based on actual conditions detected dynamically in their environment. The company’s flagship product, Risk Fabric®, is an analytics software platform that calculates the value at risk associated with specific threats and vulnerabilities, and prescribes actions to measurably reduce cyber risk exposure. Using Risk Fabric, stakeholders across the business can use common metrics to prioritize their remediation activities on the risks that matter most. For more information visit www.baydynamics.com.
Bay Dynamics and Risk Fabric are registered trademarks of Bay Dynamics, Inc. Other trademarks mentioned are the property of their respective owners.
- Media Contact: