|By Business Wire||
|February 18, 2014 05:00 AM EST||
Tenable Network Security®, Inc., the leader in real-time vulnerability and threat management, today announced the results of a February 2014 commissioned study conducted by Forrester Consulting on behalf of Tenable entitled “Close the Gaps Left by Traditional Vulnerability Management Through Continuous Monitoring.” Surveying top security professionals at leading organizations, the study found that traditional vulnerability management solutions are unnecessarily exposing most to security threats that could be mitigated through continuous monitoring (CM).
Continuous Monitoring Plugs the Gaps
Continuous monitoring, whose roots lie with the U.S. government, addresses many of the challenges faced by traditional vulnerability management solutions and offers CISOs and security leaders across sectors a near real-time view into the security posture of their respective institutions. The survey found that organizations that implemented continuous monitoring are more than twice as likely to be satisfied with their vulnerability management approach compared to those who use periodic scanning. Additionally, Forrester asked the 45 percent of respondents who had adopted CM to explain the benefits. They said that continuous monitoring:
- Benefits all stages of vulnerability management
- Benefits all verticals
- Better equips organizations to deal with a mobile workforce
- Benefits those with a risk focused VM program the most
- Satisfies the CISO more than any other role
The Threat Landscape Overwhelms Traditional Vulnerability Management
Consumerization, mobility, and cloud are the hallmarks of the extended enterprise, and periodic snapshot vulnerability scanning cannot effectively address the dynamic nature of today’s extended enterprise environments. While this has catapulted vulnerability management as one of the top concerns for organizations – 86 percent of respondents rate it as their second highest IT security priority for the next 12 months – they remain concerned with effectively lowering their organization’s risk of compromise. Specifically, organizations struggle to establish effective vulnerability management practices, leaving them exposed to attacks. The study found that:
- Nearly 74 percent of the surveyed respondents experienced challenges with their overall VM program
- 79 percent claimed they were more likely to miss critical vulnerabilities due to insufficient data to narrow down appropriate endpoints for scanning
- 70 percent scan monthly or less
“The survey shows that although organizations use periodic vulnerability scans, it’s simply not enough,” explained Ron Gula, CEO and CTO of Tenable Network Security. “In today’s environment of mobile, cloud and BYOD, the extended enterprise poses particular challenges, and organizations are finding it difficult to make traditional vulnerability management work for them. The need for security that covers 100 percent of assets all the time has never been more apparent than with the recent series of successful breaches.”
Organizations Struggle to Establish Effective Vulnerability Management Practices
Maintaining a consistent and effective vulnerability management workflow emerged as a major concern with 77 percent of respondents having concerns about accurate asset discovery. The explosion of transient endpoints compounds the difficulties of discovering all an organization’s assets and greatly increases the likelihood of an effective breach if unknown assets are not identified and assessed properly. Furthermore, 66 percent stated they were not confident in conducting proper vulnerability remediation. Once scans returned the data, they did not feel they had a clear picture of the risks in order to accurately prioritize and take action.
“Periodic vulnerability scans have failed the modern-day CISO,” said Gula. “Breaches are still occurring at an alarming rate, and the threat landscape is ever-evolving. The goal for any CISO is to remain ahead of the threat curve, and the only way to do this is through adopting a continuous monitoring platform. This enables users to rapidly deploy patches to shut down these threats in hours, not months so that dangerous windows of opportunity get shut before business-critical data is compromised.”
Webinar on Findings
To learn more about the February 2014 commissioned study conducted by Forrester Consulting on behalf of Tenable entitled “Close the Gaps Left by Traditional Vulnerability Management Through Continuous Monitoring,” join Ron Gula, CEO of Tenable Network Security, and guest Rick Holland, principal analyst with Forrester Research. Inc. on Wednesday, February 19, at 11:00 a.m. PST / 2:00 p.m. EST. For more information on the webinar and to register, please click here.
The Forrester Consulting Study sponsored by Tenable Network Security is available at: http://www.tenable.com/whitepapers/forrester-cm.
About Tenable Network Security
Tenable Network Security is relied upon by more than 20,000 organizations, including the entire U.S. Department of Defense and many of the world’s largest companies and governments, to stay ahead of emerging vulnerabilities, threats and compliance-related risks. Its solutions continue to set the standard to identify vulnerabilities, prevent attacks and comply with a multitude of regulatory requirements. For more information, please visit www.tenable.com.
SYS-CON Events announced today that Numerex Corp, a leading provider of managed enterprise solutions enabling the Internet of Things (IoT), will exhibit at the 19th International Cloud Expo | @ThingsExpo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Numerex Corp. (NASDAQ:NMRX) is a leading provider of managed enterprise solutions enabling the Internet of Things (IoT). The Company's solutions produce new revenue streams or create operating...
Sep. 28, 2016 01:30 AM EDT Reads: 2,021
Sep. 28, 2016 01:00 AM EDT Reads: 1,558
Sep. 27, 2016 11:45 PM EDT Reads: 2,974
Sep. 27, 2016 10:45 PM EDT Reads: 3,402
Sep. 27, 2016 10:45 PM EDT Reads: 2,847
Sep. 27, 2016 10:30 PM EDT Reads: 2,188
Sep. 27, 2016 09:30 PM EDT Reads: 2,974
Sep. 27, 2016 09:30 PM EDT Reads: 491
Sep. 27, 2016 08:30 PM EDT Reads: 2,046
Sep. 27, 2016 08:15 PM EDT Reads: 2,238
Sep. 27, 2016 07:00 PM EDT Reads: 2,874
Sep. 27, 2016 06:45 PM EDT Reads: 1,824
Sep. 27, 2016 06:30 PM EDT Reads: 3,576
Sep. 27, 2016 06:30 PM EDT Reads: 2,214
Sep. 27, 2016 06:15 PM EDT Reads: 425