News

The average response time to new threats has improved significantly in 2022, according to Immersive Labs. The response time has decreased from 29 days in 2021 to 19 days in 2022. This reduction in response time is attributed to the lessons learned from high-profile vulnerabilities like the Log4j crisis, which had a catastrophic impact on organizations.

The Log4j crisis, although discovered in December 2021, continues to be a major concern among users of the Immersive Labs platform. Two of the top five most frequently attempted Common Vulnerabilities and Exposures (CVE) labs over the past year were related to Log4j.

Immersive Labs CEO, James Hadley, emphasized the importance of keeping the workforce up to date with emerging threats and ensuring their knowledge, skills, and judgment are sufficient to respond effectively. He highlighted the need for organizations to conduct realistic exercises to identify and address skills gaps. In the event of a worst-case scenario, organizations should also be equipped with the necessary incident response capabilities to mitigate the fallout.

The study also revealed that organizations are focusing primarily on the early stages of the attack lifecycle, potentially leaving themselves exposed to after-incident risks. Junior staff were found to be more proactive in challenging themselves with difficult exercises and staying current with new threats compared to more experienced professionals. However, the report emphasized the importance of all individuals, regardless of their experience level, being prepared for the latest threats.

While modest gains have been made in achieving cyber resilience, financial services firms emerged as the top performers. Regulated industries, as a whole, only marginally outperformed less-regulated sectors. This suggests that regulated industries are not substantially better prepared for attacks on average. However, financial services firms, with their commitment to continuous training and benchmarking, have demonstrated stronger organizational competence in dealing with cyber threats.

Overall, the study highlights the significance of faster response times to new threats and emphasizes the need for organizations to prioritize cyber resilience activities across the attack lifecycle to effectively reduce risk.

The post Average Response Time Decreased in 2022, Driven by Lessons from Log4j Crisis appeared first on satProviders.