You’ll never reduce your security risk if you can’t identify and mitigate the root causes of those vulnerabilities. It isn’t enough to have a list of malware programs that your antimalware has detected. You need to to determine how viruses and hackers have penetrated your environment in the past.

In the vast majority of organizations, two root causes are responsible for successful exploits: unpatched software and social engineering. All other root causes generally account for less than a few percentage points of the risk. The key to reducing computer security risk is that every organization needs to determine its own, most prevalent root causes.

To read this article in full or to leave a comment, please click here