Summary: The content discusses the challenges faced by organizations in patching software vulnerabilities, the vulnerability of endpoints to threats, and the need for PC replacements to support AI-based technologies, as highlighted in the Absolute Security Cyber Resilience Risk Index 2024.
Threat Actor: N/A
Victim: N/A
Key Points:
- 92% of PCs have insufficient RAM capacity to support enterprise and commercial use cases, requiring organizations to replace entire device fleets to leverage AI while ensuring security and compliance.
- Endpoint Protection Platforms (EPP) and network access security applications on managed PCs fail to operate effectively 24% of the time, and unsupported EPPs are not even present on almost 14% of devices, creating high-risk security gaps.
- Most industries continue to run weeks or months behind in complying with their patching policies, with education and government sectors having the worst patching records.
- CISOs and security professionals should deploy solutions that help identify impacted assets, prioritize vulnerabilities, and automate patching tasks to increase resilience against vulnerabilities.
Most industries continue to run almost two or more months behind in patching software vulnerabilities, endpoints remain vulnerable to threats, and most enterprise PCs must be replaced to support AI-based technologies, according to the Absolute Security Cyber Resilience Risk Index 2024. Together, these factors create numerous compliance and security challenges.
Key report findings include:
- Most organizations are not ready for AI: Despite the rush to leverage AI on endpoints, 92% of PCs have insufficient RAM capacity to support enterprise and commercial use cases. Organizations that want to take advantage of AI will need to replace entire device fleets, requiring them to ensure mass deployments can remain secure against threats and compliant with internal and external security policies.
- Essential security tools are failing: When not supported by remediation capabilities, Endpoint Protection Platforms (EPP) and network access security applications on managed PCs fail to operate effectively 24% of the time. In addition, on almost 14% of these devices, unsupported EPPs are not even present, opening high-risk security gaps.
- Organizations are falling weeks, even months, behind in critical patching: Although the number of days to patch software vulnerabilities continues to drop, most industries continue to run weeks or months behind in complying with their patching policies. Education and government are the top sectors with the worst patching records, taking 119 and 82 days respectively to patch.
CISOs and other security and risk professionals should deploy solutions that help them identify all impacted assets in their environment, prioritize vulnerabilities affecting their deployed software, and then assign as many patching tasks as possible to automation platforms.
“As an industry we are intently focused on the inevitable attack coming, breach waiting to happen, and disruption around the next corner. Not enough attention is paid to the simple strategies that can dramatically increase your resilience to ensure you remain resistant to vulnerabilities and can recover quickly. The stakes continue to get higher as we face the urgent need to adopt AI and other innovations to remain competitive,” said Christy Wyatt, Absolute Security CEO.
“Cyber resilience is a paradigm that extends beyond traditional cybersecurity. It’s about ensuring that your digital operations, which are the heart of your organization, can withstand and quickly recover from cyberattacks, technical malfunctions, deliberate tampering, and new deployments,” Wyatt concluded.
Source: https://www.helpnetsecurity.com/2024/04/18/enterprises-unprepared-ai-security-challenges/