Intigriti has published Sharpening SLAs for Vulnerability Management, a new report highlighting the need for strong cybersecurity practices and service-level agreements (SLAs) for vulnerability management.
This report combines qualitative and quantitative research, featuring insights from 250 infosecurity professionals.
Go deeper with GlobalData
The UK demonstrates a more rapid response and remediation rate for critical vulnerabilities, suggesting a more proactive and efficient approach to cybersecurity threats. Conversely, the US excels in automation, vendor collaboration, and conducting thorough cost-benefit analyses, indicating a more strategic and comprehensive approach.
Globally, 75% of businesses fail to respond to critical vulnerabilities within 24 hours consequences could include customer dissatisfaction, loss of business, and reputational damage.
In the UK, 29% respond within 24 hours compared to 20% in the US.
More UK respondents (82%) aim to resolve a critical to exceptional vulnerability within 15 days compared to the US (69%) a promising start, but more organisations should aim for this target.
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalDataThe UK is also faster at disclosure, with 73% disclosing a vulnerability within 15 days versus 66% in the US.
Stakeholder consultation when assessing critical vulnerabilities
Over half (52%) of companies skip consulting their executive leadership when facing critical vulnerabilities, and only 44% involve legal and risk management teams. This oversight is concerning, as regulatory bodies must be informed about such vulnerabilities.
Stijn Jan, CEO and Founder at Intigrit, said: “At Intigriti, we understand the immense pressure on cybersecurity leaders to defend against a rapidly evolving threat landscape with limited resources. Still, failing to plan is planning to fail, which is why SLAs are so crucial for protecting against cyber threats. Our report provides clear and actionable standards for performance and accountability, giving businesses a competitive edge in the process. By equipping security teams with tools and knowledge, we can turn vulnerabilities into victories. Collectively, we can ensure a safer digital future for all but there’s no time left to waste.”
