Expel: Firms Still Threatened by Old Vulnerabilities – Source: www.govinfosecurity.com

Governance & Risk Management
,
Video
,
Vulnerability Assessment & Penetration Testing (VA/PT)

Solution Architecture Director Andrew Hoyt Shares Expel’s Q1 2023 Threat Report

Anna Delaney (annamadeline) •
August 2, 2023    

According to Expel’s Q1 2023 Quarterly Threat Report, criminals are exploiting 1- to 2-year-old vulnerabilities. This suggests organizations don’t know which vulnerabilities pose the biggest threats to their environments, said Andrew Hoyt, Expel’s director of solution architecture.

See Also: Live Webinar | Unmasking Pegasus: Understand the Threat & Strengthen Your Digital Defense

One of the greatest challenges for organizations is the prioritization of vulnerabilities, Hoyt said. Sometimes businesses have multiple scanners analyzing different parts of their network environment and producing hundreds or thousands of results. This makes prioritization extremely difficult.

Hoyt recommends that organizations gain better visibility of their assets. “Come up with a key to help understand the risk associated with these volumes,” he said. “Understanding your business and matching that with the results you’re seeing from these scanners is absolutely key.”

In this video interview with Information Security Media Group at Infosecurity Europe 2023, Hoyt discussed:

• Highlights from Expel’s Q1 2023 Quarterly Threat Report;
• Vulnerability prioritization;
• How organizations can improve the visibility of their vulnerabilities.

Hoyt and his team act as presales threat detection and response advisers, helping organizations maintain an acceptable level of risk through strategic and operational recommendations. He has over 15 years of experience in cybersecurity across a wide variety of customer-facing roles, including the creation of a program to identify advanced persistent threats across a global customer base, leading MSSP service delivery dedicated to Fortune 500 companies, and partnering with CISOs to help enable impactful change within their organizations to protect both end users and customers.