Security Threat Prevalence

Security Threat Prevalence Meter

Low

There are no vulnerabilities without available patches rated as medium risk or higher, and the global threat prevalence is lower than typical. This is business as usual. However, there are still active threats.

IT managers should make sure all machines and applications are patched and anti-malware solutions should be up to date.

Medium

Increased alertness required, malicious attacks could well be imminent. There is either a vulnerability rated as medium risk with no patch available, or there hasn't been a significant increase in the global threat prevalence.

IT managers should assess vulnerability information to identify exposed systems.

High

There are active attacks and there is a strong likelihood of vulnerable systems being attacked and exploited.

IT managers should consider whether to deploy additional monitoring, monitor existing security solutions more closely, and/or disable vulnerable systems.

Critical

There is malware exploiting an unpatched high-risk vulnerability. There is a high probability that vulnerable systems will be hacked.

IT security officers should work with their organizations to determine potential risks and deploy appropriate safeguards. These safeguards may include implementing temporary policies and deploying temporary fixes or restricting application usage.


IT managers without a full-time security officer should put on their security officer hat if they are responsible for server and endpoint security.