news
UK and Netherlands
most at risk in
Europe when
mitigating critical
vulnerabilities
ulnerability research by
V
Outpost24 has revealed
data trends in vulnerability
management across different regions
and sectors. When analysed, the
number of high, medium and low-risk
security vulnerabilities based on CVSS
criticality shows the Netherlands had the
largest percentage of high-risk critical
vulnerabilities in Europe (50%), with the
UK marginally behind (43%).
When exploring specific sectors,
manufacturing had the highest number
of critical risk level vulnerabilities
at 50%, indicating there is a severe
lack of key vulnerability management
processes within this industry. Indeed,
the manufacturing sector was ahead
by some distance, with all other
sectors falling between the 10–20%
medium risk threshold. With the Fourth
Industrial Revolution upon us, most
if not all manufacturing enterprises
have adopted connected technology,
Artificial Intelligence (AI) or Machine
Learning, leaving a wider surface area
for exploitation.
The research also revealed the average
time to remediate vulnerabilities was
105 days – giving cybercriminals close
to a three-month window of opportunity
to infiltrate systems if left unpatched. In
fact, the industry breakdown revealed
that the energy and agriculture and
retail/wholesale were the two most
susceptible to being attacked with
patch times of 182 days and 135
days respectively.
The data was collected over a 12-month
period from November 2018–2019
where Outpost24 analysed vulnerability
data from over two million assets, across
10 markets and nine sectors to discover
the top trends.
A PROACTIVE APPROACH TO ADDRESS
THE RANSOMWARE MENACE
rcserve Southern Africa has
A
announced the availability
of the Arcserve Ransomware
readiness assessment, which
enables businesses to measure their
capabilities and chart a path to a
ransomware-free future.
Byron Horn-Botha, Arcserve
Southern Africa Lead: Channel and
Partnerships, said: “Ransomware has
become one of the largest business
risks and serves as the most
menacing threat to IT organisations.
It’s reached epidemic proportions
globally, with costs projected to
reach US$20 billion by 2021.”
Information security management
is an essential part of good IT
governance, particularly with respect
to protecting critical business and
personal data from ransomware.
Byron Horn-Botha, Arcserve Southern
Africa Lead: Channel and Partnerships
Horn-Botha says the assessment
is constructed around a scorecard
that outlines the important areas that
companies should be scrutinising within
their businesses. He said: “The scorecard
describes a five-level evolutionary path of
increasingly organised and systematically
more mature processes. For each of the
items in the ransomware-free framework,
you can assess your organisation’s
maturity score and consider your
priorities. Mark the box that best fits your
company profile.
“The assessment shows businesses
where they should be restricting access
to common ransomware entry points,
such as personal email accounts and
social networking websites. It also shows
how web filtering may be used at the
gateway and endpoint to block phishing
attempts for users who are tricked into
clicking on a link.”
6 Issue 25 | www.intelligentciso.com