Bug Fixes Take Twice as Long for Manufacturing Firms

Bug Fixes Take Twice as Long for Manufacturing Firms

Manufacturing firms take twice as long to fix vulnerabilities as their peers in other verticals, although healthcare organizations have over three-times as many flaws per asset, according to new research from Kenna Security.



The security vendor teamed up with the Cyentia Institute to lift the lid on vulnerability management in 14 key sectors, with a particular focus on four: tech, manufacturing, healthcare and finance.



Although remediation capacity remained fairly consistent across the verticals, with a typical organization fixing one in every 10 vulnerabilities on their system, the research revealed specific challenges in each.



The median number of flaws per asset affecting manufacturing firms is 10, slightly higher than in other industries (7). However, they are lagging behind the average when it comes to “remediation velocity.”



The half-life of vulnerabilities for manufacturing firms is typically 69 days, versus 36 days elsewhere, while fixing 75% of bugs takes 280 days versus 201, Kenna Security revealed.



“Manufacturing companies are able to patch eight out of every 10 high risk vulnerabilities, placing them in the top sectors,” explained Kenna Security CTO, Ed Bellis. “Individual companies lag however. About four in 10 firms end each month with more high-risk vulnerabilities than they started with. The other six either break even or gain ground.”



In healthcare, there’s an average of 34 bugs per asset, nearly five-times the industry average. Although these organizations seem to be doing a good job of keeping on top of flaws, there’s still room for improvement.



“Healthcare organizations are highly efficient at finding and patching high risk vulnerabilities. On average, they tend to close about 75% of them,” explained Bellis. “That’s an admirable result, but in terms of comparisons to other sectors, it seems that healthcare lags. Of the 14 sectors ..

Support the originator by clicking the read the rest link below.