NIST Records Fifth Straight Year of Record Number of Vulnerabilities

NIST 800-171
January 5, 2022

As technology continues to evolve, vulnerabilities have become an inherent part of software development. It’s no secret that the number of cyberattacks is growing year over year. The US-CERT Vulnerability Database by NIST keeps a record of all known vulnerabilities.

Every year since 2017 has seen a new record set for the number of new vulnerabilities discovered.  So far in 2021, the number of vulnerabilities recorded by NIST is 18,378, up from 18,103 in 2020.

The pandemic continues to push companies to get their applications into production as part of their digital transformation. This could cause less attention given to quality control and vulnerability scanning, the use of third-party components and software, legacy, and open-source code – all risk factors for vulnerabilities. Read our blog on 7 common web app vulnerabilities.

The record number of vulnerabilities, paired with the slow pace of patching and updating devices mean organizations today are at a high risk of being breached through unpatched IoT devices. Cybersecurity experts worry that if last year’s vulnerabilities have remained unaddressed, the addition of this year’s vulnerabilities will make it harder for companies to protect themselves. This is especially true in the case of advanced threats such as the Log4j.

Concerned? You’re not alone. It is time to improve your organization’s security posture. How many of the apps you use pose threats to your organization? There is an urgent need to do more than just scan for vulnerabilities. Apart from improving web application security and ensuring that software and operating systems are up to date, it is important to actively measure, manage and mitigate risk. SureShield’s suite of solutions is designed to protect against vulnerabilities, both proactively and reactively. Contact us for a free demo to understand how we can help your organization detect vulnerabilities and protect you from the havoc they can wreak.

You may also be interested in reading about the 4 stages of a successful vulnerability management program and some alarming statistics on ransomware in the healthcare industry.

Leave a comment

Your email address will not be published. Required fields are marked *