ServiceNow Research Shows That Despite Increase in Cybersecurity Spending, Breaches Increased in 2019

According to respondents, 60% of breaches in 2019 involved vulnerabilities where available patches were not applied

SANTA CLARA, Calif.--()--ServiceNow (NYSE: NOW), the leading digital workflow company making work, work better for people, today released its second sponsored study on cybersecurity vulnerability and patch management, conducted with the Ponemon Institute. The study, Costs and Consequences of Gaps in Vulnerability Response,” found that despite a 24% average increase in annual spending on prevention, detection and remediation in 2019 compared with 2018, patching is delayed an average of 12 days due to data silos and poor organizational coordination. Looking specifically at the most critical vulnerabilities, the average timeline to patch is 16 days.

At the same time, the risk is increasing. According to the findings, there was a 17% increase in cyberattacks over the past year, and 60% of breaches were linked to a vulnerability where a patch was available, but not applied. The study surveyed almost 3,000 security professionals in nine countries to understand how organizations are responding to vulnerabilities. In this report, ServiceNow presents the consolidated findings and comparisons to its 2018 study, Today’s State of Vulnerability Response: Patch Work Requires Attention.

The survey results reinforce a need for organizations to prioritize more effective and efficient security vulnerability management:

  • 34% increase in weekly costs spent on patching compared to 2018.
  • 30% more downtime vs. 2018, due to delays in patching vulnerabilities.
  • 69% of respondents plan to hire an average of five staff members dedicated to patching in the next year, at an average cost of $650,000 annually for each organization.
  • 88% of respondents said they must engage with other departments across their organizations, which results in coordination issues that delay patching by an average of 12 days.

The findings also indicate a persistent cybercriminal environment, underscoring the need to act quickly:

  • 17% increase in the volume of cyberattacks in the last 12 months compared to the same timeframe in 2018.
  • Nearly 27% increase in cyberattack severity compared to 2018.

The report points to other factors beyond staffing that contribute to delays in vulnerability patching:

  • 76% of respondents noted the lack of a common view of applications and assets across security and IT teams.
  • 74% of respondents said they cannot take critical applications and systems offline to patch them quickly.
  • 72% of respondents said it is difficult to prioritize what needs to be patched.

According to the findings, automation delivers a significant payoff in terms of being able to respond quickly and effectively to vulnerabilities. 80% of respondents who employ automation techniques say they respond to vulnerabilities in a shorter timeframe through automation.

This study shows the vulnerability gap that has been a growing pain point for CIOs and CISOs,” said Sean Convery, general manager, ServiceNow Security and Risk. “Companies saw a 30% increase in downtime due to patching of vulnerabilities, which hurts customers, employees and brands. Many organizations have the motivation to address this challenge but struggle to effectively leverage their resources for more impactful vulnerability management. Teams that invest in automation and maturing their IT and security team interactions will strengthen the security posture across their organizations.”

ServiceNow Security Operations

Vulnerability Response is part of ServiceNow Security Operations, a security orchestration, automation and response engine built on the Now Platform. Designed to help security teams respond faster and more efficiently to incidents and vulnerabilities, Security Operations uses intelligent workflows, automation and a deep connection with IT to streamline security response.

Additional Resources

  • Report: Cost and Consequences of Gaps in Vulnerability Response
  • For more on ServiceNow Security Operations, please visit this site.
  • Visit Workflow for additional ServiceNow security incident management thought leadership

Survey Methodology

ServiceNow commissioned the Ponemon Institute to survey nearly 3,000 IT security professionals in summer 2019. Respondents are based in Australia, France, Germany, Japan, the Netherlands, New Zealand, Singapore, the United Kingdom, and the United States. Founded in 2002, the Ponemon Institute is a research center specializing in privacy, data protection, and information security policy. The report presents the consolidated findings and comparisons to the 2018 study, Today’s State of Vulnerability Response: Patch Work Requires Attention.

Survey findings are available for these countries, major industries, small vs. large organizations, and immature vs. mature organizations. Contact ServiceNow for a custom briefing.

About ServiceNow

ServiceNow (NYSE: NOW) is making the world of work, work better for people. Our cloud-based platform and solutions deliver digital experiences that create great experiences and unlock productivity for employees and the enterprise. For more information, visit:

© 2019 ServiceNow, Inc. All rights reserved. ServiceNow, the ServiceNow logo, Now, Now Platform, and other ServiceNow marks are trademarks and/or registered trademarks of ServiceNow, Inc. in the United States and/or other countries. Other company names, product names, and logos may be trademarks of the respective companies with which they are associated.


Jim Brady, 669-278-1177

Release Summary

ServiceNow today released its second sponsored study on cybersecurity vulnerability and patch management, conducted with the Ponemon Institute.


Jim Brady, 669-278-1177