Racing against time on a menacing caldera: survey finds majority of organizations take days to tackle critical vulnerabilities, each of them a potential open goal for cybercriminals


  • Survey finds nearly 70% of orgs leave critical vulnerabilities unresolved for 24 hours or more
  • Managing vulnerability fog is a major challenge, as AI promises to make it easier for criminals to identify targets
  • Zero-day and unpatched legacy vulnerabilities remain a major cause of cybercriminal proliferation

Over two-thirds (68%) of organizations take more than 24 hours to address critical vulnerabilities, new research has found, and it urges companies to up their game when it comes to dealing with threats.

A survey conducted by Swimlane highlighted how vulnerabilities remain a significant danger to organizations, exposing them to data breaches, regulatory penalties, and operational disruptions.

And the longer these vulnerabilities remain unaddressed, the greater the risk of exploitation, yet many teams struggle with inefficiencies that waste valuable time.

The challenge of vulnerability prioritization

Lack of accurate context was cited by 37% of respondents as a major obstacle to prioritizing threats, and 35% considered incomplete information a major culprit.

While 45% of organizations were found to employ a mix of manual and automated processes, the tools they rely on, such as cloud security posture management, endpoint protection, and web application scanners, often fall short of addressing the scale and speed of emerging threats.

Manual processes also pose a challenge, consuming up to 50% of workers' time on vulnerability management tasks. Over half of workers surveyed reported spending more than five hours each week consolidating and normalizing data from various sources.

Businesses lose an estimated $47,580 per employee each year due to manual tasks, noted Michael Lyborg, CISO at Swimlane, and this heavy reliance on manual effort not only slows response times but also diverts attention from more strategic cybersecurity initiatives.

Despite these challenges, the report does reveal that many organizations simply lack effective vulnerability management programs, with 73% of respondents expressing concerns about facing penalties for inadequate practices.

“Smarter prioritization and automation are no longer optional — they are essential to reducing vulnerabilities, preventing breaches and ensuring continuous compliance,” said Cody Cornell, Swimlane's Co-Founder and Chief Strategy Officer.

“By blending intelligent automation with human expertise, vulnerability management teams gain the clarity they need to act decisively,” he added.

“Centralizing data and responding in real-time isn’t a luxury — it’s a business imperative that minimizes risk and frees up time to focus on the next challenge.”


Efosa Udinmwen
Freelance Journalist
