Between global headlines and personal identity theft, hackers have become one of the biggest problems facing the world today. Sure, cybersecurity technology has been getting better, but it still can't account for the billions of people online, the millions of hackers trying to steal their information, and the hundreds of digital paradigm shifts happening on what feels like a daily basis. And unfortunately, data shows that things aren't getting better
According to the Q3 2017 VulnDB QuickView report from Risk Based Security, there have been 16,006 vulnerabilities disclosed in the first three quarters of 2017, representing a 38 percent increase from last year. This is the highest number of vulnerabilities to date, which doesn't bode well for the future of cybersecurity.
To make matters worse, these numbers notably eclipse the numbers provided by the CVE and National Vulnerability Database (NVD), with more than 6,000 vulnerabilities going unreported by the government repository. Even worse still, 44.1 percent – over 2,700 – of those vulnerabilities not published by NVD/CVE have a CVSSv2 score between 7.0 and 10, which include widely deployed software used by many organizations. And that, in so many words, is very bad.
“When hearing that so many vulnerabilities are missing from CVE/NVD, most security professionals want to justify the gap by trying to convince themselves that the vulnerabilities missed can’t possibly impact their organization, and if they do, they must be low risk. However, just as our previous reports have indicated, this isn’t the case…. Any security product or tool that relies on CVE/NVD is putting your organization at serious risk,” said Jake Kouns, Chief Information Security Officer for Risk Based Security in a press release.
Fortunately, this news isn't all doom and gloom. Despite most founders' inability to take cybersecurity concerns seriously, most of the invulnerabilities arising in this study do have an easy solution that could save a lot of time, money, and stress.
“While our proprietary Vulnerability, Timeline, and Exposure Metrics (VTEM) show that not all vendors are prioritizing and fixing vulnerabilities as quickly as we would prefer, the good news is that 75.8 percent of 2017 vulnerabilities through September do have a documented solution,” added Kouns.
If you didn't know that you needed to make cybersecurity a priority at this point in the game, you're seriously dropping the ball. Small businesses are particularly vulnerable to these attacks, as they are rarely set up with the resources to fend off sophisticated hackers. However, protecting your company from cyber attacks could be the most lucrative thing you do for your company, so get on it!
Read more about helpful cybersecurity tools on TechCo