Absolute Security has revealed findings from its new research report, Absolute Security Cyber Resilience Risk Index 2024.
The research reveals that most industries continue to run almost two months behind in patching software vulnerabilities, endpoints remain vulnerable to threats, and most enterprise PCs will need to be replaced to support AI-based technologies. All factors creating numerous compliance and security challenges.
Key report findings include:
The majority of organisations are not ready for AI: Despite the rush to leverage AI on endpoints, 92%1 of PCs have insufficient RAM capacity needed to support enterprise and commercial use cases. Organisations that want to take advantage of AI will need to replace entire device fleets, requiring them to ensure mass deployments can remain secure against threats and compliant with internal and external security policies.
Essential security tools are failing: When not supported by remediation capabilities, Endpoint Protection Platforms (EPP) and network access security applications on managed PCs fail to operate effectively 24% of the time. In addition, on almost 14% of these devices, unsupported EPPs are not even present, opening high-risk security gaps.
Organisations are falling weeks, even months, behind in critical patching:
Although the overall number of days to patch software vulnerabilities continues to drop, most industries continue to run weeks or months behind in complying with their own patching policies. Education and government are the top sectors with the worst patching records, taking 119 and 82 days respectively to patch.
“As an industry we are intently focused on the inevitable attack coming, breach waiting to happen, and disruption around the next corner. Not enough attention is paid to the simple strategies that can dramatically increase your resilience to ensure you remain resistant to vulnerabilities and can recover quickly. The stakes continue to get higher as we face the urgent need to adopt AI and other innovations to remain competitive,” said Christy Wyatt, Absolute Security CEO.
“Cyber Resilience is a paradigm that extends beyond traditional cybersecurity. It’s about ensuring that your digital operations, which are the heart of your organisation, can withstand and quickly recover from cyberattacks, technical malfunctions, deliberate tampering, and new deployments.”
In addition to sharing these and other key findings, the report provides CISOs and other security and risk professionals with a deeper understanding of what Cyber Resilience is and the practical information they need to identify and mitigate top security risk factors to improve their cyber resilience posture.
You can read the full report here.