Express Computer
Home  »  News  »  New Tenable research reveals only 3% of vulnerabilities pose significant cybersecurity risk

New Tenable research reveals only 3% of vulnerabilities pose significant cybersecurity risk

0 95

Tenable, the exposure management company, has released a research report titled “The Critical Few: How to Expose and Close the Threats that Matter” that identifies the key exposure points within organisations and outlines actionable steps to mitigate potential cyber threats that could endanger business operations. Over the past two decades, Tenable has collected and analysed approximately 50 trillion data points related to over 240,000 vulnerabilities. From this extensive dataset, Tenable developed a methodology revealing that only 3% of these vulnerabilities frequently result in significant exposure risks.

With cybersecurity teams overwhelmed by vast amounts of fragmented threat intelligence and vulnerability data, Tenable conducted this study to help these teams shift toward a proactive defence strategy, focusing on eliminating the most dangerous threats.

The study leveraged the Vulnerability Priority Rating (VPR) model, which Tenable developed to reflect the current threat landscape. VPR values range from 0.1 to 10, with higher values indicating a greater likelihood of exploitation. Vulnerabilities with a VPR above 9.0 are likely to be exploited if exposed, making them high-priority targets. In contrast, those with VPRs between 7.0 and 8.9 present a moderate risk, while medium and low categories (0.1 to 6.9) are less likely to be exploited.

For example, on June 2, 2024, the study analysed nearly 240,000 vulnerabilities and found that only 3.1% of them—fewer than 7,500—were classified as Critical or High. “Context matters. Without the right context, cybersecurity teams will always be in reactive mode, trying to fix every single vulnerability, making it impossible to keep all systems updated and secure,” said Nigel Ng, Senior Vice President, Asia Pacific and Japan, Tenable. “Organisations have relied on the common vulnerability scoring system (CVSS) for a long time, which doesn’t offer a holistic picture of cyber risks and exposures. A proactive and preventive defence strategy requires exposure management, and a new metric to measure risk offering security professionals the much-needed context on which vulnerabilities and risk exposures to focus on,” he added.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image