Vulnerability Management: Take Your Program to the Next Level

Latest Aite Group report explains why vulnerability management is a complex and resource-intensive part of security operations

Boston, MA (Nov. 12, 2019) – Cybersecurity vulnerability management is the art of identifying, remediating, or mitigating risks posed by hardware and software across an enterprise. Effective vulnerability management includes measurement, process improvement, and timely reporting to allow an organization to regularly assess cyber risk as part of overall enterprise risk. Aite Group’s latest report, Vulnerability Management: Take Your Program to the Next Level, highlights the extreme complexity and often fragmented approach to cybersecurity vulnerability management at midsize and large financial services organizations around the world.

“Hardware and software vulnerabilities can present significant risk to an organization and allow attackers a path to broader and more damaging actions,” states Joseph Krull, senior analyst at Aite Group. “Vulnerability management is not a siloed security challenge—it requires the active and committed involvement of executives and staff across the entire enterprise,” he explains.

This report examines the essential components of an effective vulnerability management program, provides some suggestions on how programs can be enhanced, and examines some methods (and tricks) to address today’s challenges in the vulnerability management process. It is based on the author’s experience building and managing vulnerability management programs at Global 1000 companies as well as assessing and auditing programs at dozens of Fortune 500 and Global 100 companies.

Click here for the online report summary or to download the table of contents.

This 20-page Impact Report contains one figure and one table. Clients of Aite Group’s Cybersecurity service can download this report, the corresponding charts, and the Executive Impact Deck.

This report mentions BMC Helix, CA Technologies (Broadcom), Denim Group, Equifax, IBM, iDefense (Accenture), Micro Focus, Qualys, Rapid7, ServiceNow, Symantec, and Tenable.

Click here for the online summary or to download the table of contents.

About Aite Group

Aite Group is a global research and advisory firm delivering comprehensive, actionable advice on business, technology, and regulatory issues and their impact on the financial services industry. With expertise in banking, payments, insurance, wealth management, and the capital markets, we guide financial institutions, technology providers, and consulting firms worldwide. We partner with our clients, revealing their blind spots and delivering insights to make their businesses smarter and stronger. Visit us at

Source: Aite Group

Tags: , , , ,