Known (and fixable) vulnerabilities often cause of data breaches

Known vulnerabilities seem to be the number one cause of data breaches and similar cyber threats. Those are the results of a survey conducted by IT software solutions firm BMC and Forbes Insights.

The duo surveyed more than 300 C-level executives across Europe and North America and, besides this information, it also says there is a large discrepancy between security and IT operations team.

This gap creates data loss and downtime in production, but can also damage a company’s reputation.

Even if a vulnerability was known from earlier, and even if a way to defend from it is already found, it accounts for 44 per cent of data breaches.

The problem here seems to be in communication – as 33 per cent of executives said setting proper priorities was a challenge – security and operations teams may have different priorities.

The conclusion here is that it takes too long to fix a vulnerability once a patch becomes available.

“Today, it often takes companies months to remediate known vulnerabilities – exposing them to potential breaches for six months or more as they work to resolve known threats,” said Jason Andrew, GM and VP of Sales, BMC EMEA “To discover, prioritise and fix vulnerabilities quickly calls for improved coordination between the security and IT operations teams. Narrowing the SecOps gap is critical to protecting an organisation's brand and also ensures customer confidence in the ability for the business to protect its information.”

Even though the two groups are often out of sync – 50 per cent of businesses don’t plan on improving the coordination.