target audience: TECH SUPPLIER Publication date: Apr 2023 - Document type: IDC Survey - Doc Document number: # US50587123
Security Maturity and Vulnerability Management
Content
- 49 slides
Get More
When you purchase this document, the purchase price can be applied to the cost of an annual subscription, giving you access to more research for your investment.
Related Links
Abstract
This IDC Survey examines results from IDC's Security Operations Center Survey, which was conducted in December 2022 in the United States. The goal was to characterize the maturity of the organizations' security operations and understand vulnerability management in relation to maturity. Respondents are from a broad range of industries and company sizes.
Key findings from the survey include:
- 49% of respondents report a high level of attention on cybersecurity by the CEO and board.
- While vulnerability management/scanning is used by 82% of organizations, many are not using the tool to its greatest potential; 41% scan IT assets once per month or less.
- 74% of organizations scan less than 85% of their IT assets when they do scan leaving an opportunity for many vulnerabilities to go undiscovered until an attacker makes use of them.
- Training to understand how to respond during a breach often takes a back seat to day-to-day responsibilities; 41% of respondents conduct tabletop exercises twice a year or less, while 50% perform red teaming with an internal team twice a year or less.
"There was not a direct correlation between maturity level and all aspects of vulnerability management," said Michelle Abraham, research director, Security and Trust at IDC. "While the most mature do remediate a greater number of discovered vulnerabilities within a week, they are scanning less frequently on average than the least mature."