IT Brief US - Technology news for CIOs & IT decision-makers

Cloud risks rise due to slow remediation, costs USD $2m+

Yesterday

ZEST Security has released its "Cloud Risk Exposure Impact Report," which highlights the relationship between remediation delays and cyber incidents.

The report indicates that over 62% of cyber incidents are linked to risks already known to organisations. These incidents occurred despite security teams having identified the issues and entered them into remediation backlogs, where they remained unaddressed at the time of the events.

Based on a comprehensive survey of more than 150 security decision-makers within large U.S. enterprises, the findings show how increased risk backlogs and slow remediation processes contribute to the rising volume and impact of cyber incidents. The survey participants revealed that, despite knowledge of these vulnerabilities, the process to address them often takes substantially longer than the time attackers need to exploit these risks.

Significantly, the study reports that organisations face an annual remediation cost of over USD $2 million, taking into account the time, resources, and efforts involved. This calculation excludes additional indirect costs associated with incidents, insurance, and regulatory compliance.

"There is a direct correlation between delays in remediation and the rise in security incidents," stated Snir Ben Shimol, CEO and co-founder of ZEST Security. "Before this research, there was very little data quantifying just how much backlogged vulnerabilities and misconfigurations contribute to cloud incidents. The findings from this survey make it clear that visibility alone is not enough. Organizations require a more effective approach to remediation and mitigation to reduce cloud incidents."

Contributing to the high incidence of such risks is the backlog of security tickets, with 87% of respondents citing over 100 critical and under-SLA (Service Level Agreement) tickets pending resolution. Furthermore, it takes more than six weeks on average to remediate an application vulnerability in production. Alarmingly, 56% of risks identified cannot be immediately remediated due to the lack of available patches or the limitations of legacy systems.

The report suggests that organisations are beginning to shift their focus towards reducing cloud incidents. Survey respondents reported implementing strategies aimed at increasing remediation efficiency, reducing risk acceptance, and minimising exposure. A prevalent strategy among respondents is effort-based prioritisation, with 53% stating improved outcomes from prioritising actions that resolve multiple issues with a single fix.

Automation was also noted as a key area for improvement, with a third or more of respondents interested in adopting automated solutions for triage, root cause analysis, ownership of open tickets, and prioritisation efforts. Additionally, 84% of organisations are researching mitigating controls, such as cloud-native services or tools like web application firewalls (WAFs), to manage risks or reduce the severity of vulnerabilities when immediate remediation is not an option.

"The findings of this report emphasize how important it is for organizations to develop risk remediation plans, similar to incident response plans, with stricter SLAs for addressing critical and high-risk vulnerabilities to reduce incidents," Shimol stated. "This shift will also be influenced by regulations, which are likely to shorten recommended timelines due to the rapid decrease in the time it takes for attackers to exploit vulnerabilities, now in just days."
