26% of Companies Ignore Security Bugs As they Don’t Have Time to Fix Them

RSA Security has compiled a survey at a security conference by asking companies about their security practices. The Survey revealed that, while some companies intentionally ignore security flaws because of lack of talent, some companies just postpone the security flaws. The survey collected the data from 155 security professionals to present at the RSA conference, the data showed that only 47% of companies do fix security bugs with patches as soon as they come to light.

There are some companies that wait for quite some time before applying a fix leaving their server infrastructure at Risk. 16% of the companies wait for a month to apply the fix and some companies, around 8% wait for a year or two. The survey also revealed that 26% of the companies completely ignored the security flaw because they didn’t have time to fix it and some 16% of the companies didn’t have the necessary talent pool to fix it.

71% of the survey participants said that they could hack their own company and only 9% said that it is almost impossible to hack their own company. When asked how they would attack, 34% said they would attack the company’s cloud service while 21% of the employees said that they would target the employee’s personal devices.

25% of the respondents said that their cloud service is vulnerable, 23% said their IoT devices are vulnerable, 20% their mobile devices and 15% said their web applications. When the survey asked if their company ever hired a pen tester only 17% said yes while 35% said their code is secure. The details of the survey are completely anonymized.

Here are the brief details of the report from Outpost24:

  • Companies are most concerned about the security of their cloud infrastructure (25%), IoT (23%) and mobile devices (20%)
  • 42% companies admit to ignoring critical security problems because of time, resource and gaps in their knowledge
  • Only 47% patch known vulnerabilities as soon as they are discovered
  • 38% do not apply the same level of security technologies to their cloud environments

You can download the entire report from Outpost24.

Take your time to comment on this article.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients