At a time when cyber attacks are on the rise, nearly three quarters of global organisations (73 per cent) cannot identify these and protect their corporate assets and processes, a new report said on Friday. Lamar Bailey, Sr. Director, Security R&D at Tripwire commented below.
Lamar Bailey, Sr. Director, Security R&D at Tripwire:
“A new approach is not needed, this “new approach” is the problem. Organizations are spending their very limited security resources on new products and trends but are not focusing on the fundamentals. Research shows that the vast majority of incidents are due to know vulnerabilities and most of these breaches occur from exploits that have been patched for more than a year. Organizations don’t need a new approach they need to work on the fundamentals by patching known exploitable high risk vulnerabilities and verifying secure configurations for assets. The CIS top 20 Critical Security Controls is a great roadmap to lead to a secure environment.
Having state of the art motion detector lasers in you homes entry way is nice but kind of silly if you have a paper front door.”