Over a third of organizations had at least one known vulnerability in 2023, with nearly a quarter of those facing five or more, and 60% of vulnerabilities remained unaddressed past CISA’s deadlines, according to Bitsight.
Organizations struggle to remediate critical vulnerabilities
The report, titled “A Global View of the CISA KEV Catalog: Prevalence and Remediation,” analyzes data from 1.4 million organizations globally and highlights the deep challenges that global organizations face in remediating critical, exploited vulnerabilities on time.