"As our research shows, prioritisation is now key for every vulnerability management program but due to the ever increasing number of threats, manual triage is no longer a viable solution. "
Thomas MacKenzie, CEO, RankedRight
· IT security teams are spending four days a week* (or 16 days a month) manually prioritising vulnerabilities
· For every hour spent on manual vulnerability prioritisation, remediation teams either experience a delay in starting critical work or waste time and effort on low priority vulnerabilities
· The time spent on manual triage equates to an average of £48,000** (or $63,474) per year in remediation labour costs
Manual triage is taking the equivalent of four days a week to complete, causing significant delays to the remediation of business’ critical vulnerabilities, according to research from automated vulnerability triage platform RankedRight. This triage time equates £48,000 (or $63,474) per year in remediation labour costs.
96% of companies admit that prioritisation is now an important or extremely important part of their vulnerability management programme as it ensures that remediation teams focus their precious time on the most critical vulnerabilities. However, with a rise in vulnerabilities increasing the triage burden, remediation teams’ work is beginning later and later. According to RankedRight’s research, vulnerability prioritisation takes an average of seven hours per week per 250 assets. Many enterprises have as many as tens of thousands of assets.
To address this problem so that the important remediation work can start sooner, RankedRight is launching a free version of its platform, RankedRight Essential, to give all businesses access to powerful prioritisation technology and the most up-to-date vulnerability intelligence.
When surveyed on the impact this would have, over 80% agreed an automated triage platform would not only improve efficiency, but would also increase their ability to remediate more critical network vulnerabilities.
Created in the UK, RankedRight is a triage system that follows an IT security team’s or managed service provider's pre-set rules to automate the time-consuming yet crucial process of ranking vulnerabilities in order of impact to the business. This enables teams to divert their attention towards tackling the most critical issues and keeping the company safe.
Commenting on the research, RankedRight’s CEO, Thomas MacKenzie, said, “As our research shows, prioritisation is now key for every vulnerability management program but due to the ever increasing number of threats, manual triage is no longer a viable solution. Teams need to spend more of their precious time and resources on remediation and by taking the manual triage off their plate, they can now do that.
“The best part is that RankedRight Essential is completely free so there’s no barrier to entry, whatever your team size or budget. We’re on a mission to help organisations of all sizes to fix their vulnerabilities faster and more efficiently."
For more information on RankedRight Essential and to sign up, visit https://www.rankedright.com/essential
*Survey of 600 IT professionals in the UK and the US involved in the manual triage of network scanning data produced for their vulnerability management program at companies with 50+ employees. Research carried out by Arlington Research on behalf of RankedRight in October 2021.
** Based on average salary for an Information Security Analyst of between £50,000 and £70,000 in the UK which is $79,342 US, working a 35 hour week.