Compliance a challenge for businesses: Tenable

Compliance a challenge for businesses: Tenable

Security vendor finds that businesses are struggling to be compliant with government standards

Organisation are stuggling to be compliant with current and emerging government standards, according to Tenable Network Security Asia-Pacific principal architect, Dick Bussiere.

“If you do an annual assessment, by the time you go back a year later, the machines you fixed will likely have vulnerabilities again,” he said.

“The vulnerabilities will be different, the machines will still be vulnerable.”

However, if a company perform this process as a continuous function, Bussiere they will not encounter this problem.

“If you are employing our security centre technology by the time the auditor knocks on the door, you are already compliant because you have been keeping up with it,” he said.

Threats on the rise

In 2000, Bussiere said it was vulnerabilities that “kept customers up at night,” as well as “things on the network that are potentially damaging” to the overall infrastructure.

Fast forward to 2011, where the National Institute of Standards and Technology (NIST) found that there were about 5,800 vulnerabilities disclosed.

“That averages out to 77 vulnerabilities on a weekly basis being disclosed publicly,” Bussiere said.

Read more: Presence of IT partners with ClickSuper

Bussiere admits that attempting to keep up with that and eliminating these vulnerabilities is not easy, particularly if an organisations does not have anything to assist with it.

“When a vulnerability is initially disclosed, that is the time it is most virulent and attackers will exploit it before it gets patched,” he said.

“This underscores the criticality of having a rapid vulnerability detection and mitigation process.”

Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags complianceTenable Network Security


Show Comments