{"id":"https://openalex.org/W2336749557","doi":"https://doi.org/10.1016/s1353-4858(16)30036-8","title":"Vulnerability management: not a patch on where we should be?","display_name":"Vulnerability management: not a patch on where we should be?","publication_year":2016,"publication_date":"2016-04-01","ids":{"openalex":"https://openalex.org/W2336749557","doi":"https://doi.org/10.1016/s1353-4858(16)30036-8","mag":"2336749557"},"language":"en","primary_location":{"id":"doi:10.1016/s1353-4858(16)30036-8","is_oa":false,"landing_page_url":"https://doi.org/10.1016/s1353-4858(16)30036-8","pdf_url":null,"source":{"id":"https://openalex.org/S2764863393","display_name":"Network Security","issn_l":"1353-4858","issn":["1353-4858","1872-9371"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Network Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://ro.ecu.edu.au/ecuworkspost2013/1960","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5033160778","display_name":"Steven Furnell","orcid":"https://orcid.org/0000-0003-0984-7542"},"institutions":[{"id":"https://openalex.org/I897542642","display_name":"University of Plymouth","ror":"https://ror.org/008n7pv89","country_code":"GB","type":"education","lineage":["https://openalex.org/I897542642"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Steve Furnell","raw_affiliation_strings":["University of Plymouth, UK"],"affiliations":[{"raw_affiliation_string":"University of Plymouth, UK","institution_ids":["https://openalex.org/I897542642"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5033160778"],"corresponding_institution_ids":["https://openalex.org/I897542642"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.0286246,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":97},"biblio":{"volume":"2016","issue":"4","first_page":"5","last_page":"9"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9544000029563904,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9544000029563904,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9344000220298767,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.7697857618331909},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7014451026916504},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.6155727505683899},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.609024703502655},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.5514225363731384},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5339421629905701},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5114599466323853},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.4768727421760559},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.4515704810619354},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.39797520637512207},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.33829379081726074}],"concepts":[{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.7697857618331909},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7014451026916504},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.6155727505683899},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.609024703502655},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.5514225363731384},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5339421629905701},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5114599466323853},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.4768727421760559},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.4515704810619354},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.39797520637512207},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.33829379081726074},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1016/s1353-4858(16)30036-8","is_oa":false,"landing_page_url":"https://doi.org/10.1016/s1353-4858(16)30036-8","pdf_url":null,"source":{"id":"https://openalex.org/S2764863393","display_name":"Network Security","issn_l":"1353-4858","issn":["1353-4858","1872-9371"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Network Security","raw_type":"journal-article"},{"id":"pmh:oai:ro.ecu.edu.au:ecuworkspost2013-2963","is_oa":true,"landing_page_url":"https://ro.ecu.edu.au/ecuworkspost2013/1960","pdf_url":null,"source":{"id":"https://openalex.org/S2765015692","display_name":"Australasian Journal of Paramedicine","issn_l":"2202-7270","issn":["2202-7270"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Research outputs 2014 to 2021","raw_type":"text"}],"best_oa_location":{"id":"pmh:oai:ro.ecu.edu.au:ecuworkspost2013-2963","is_oa":true,"landing_page_url":"https://ro.ecu.edu.au/ecuworkspost2013/1960","pdf_url":null,"source":{"id":"https://openalex.org/S2765015692","display_name":"Australasian Journal of Paramedicine","issn_l":"2202-7270","issn":["2202-7270"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Research outputs 2014 to 2021","raw_type":"text"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/1","display_name":"No poverty","score":0.5600000023841858}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":4,"referenced_works":["https://openalex.org/W1463518955","https://openalex.org/W2016388989","https://openalex.org/W2054143310","https://openalex.org/W4238952877"],"related_works":["https://openalex.org/W2393340519","https://openalex.org/W4298219515","https://openalex.org/W3118510577","https://openalex.org/W2021298062","https://openalex.org/W2185499427","https://openalex.org/W4251326955","https://openalex.org/W2371301679","https://openalex.org/W1883246888","https://openalex.org/W2527966616","https://openalex.org/W4200316191"],"abstract_inverted_index":{"Effective":[0],"vulnerability":[1],"management,":[2],"particularly":[3],"in":[4,28,50,66,106],"the":[5,14,51,59,67,109,123,162],"context":[6],"of":[7,17,71,111,138,146,161],"end-user":[8],"systems,":[9],"is":[10],"inextricably":[11],"linked":[12],"to":[13,24,76,86,95,118,131,167],"timely":[15],"application":[16,154],"software":[18,155],"updates":[19,168],"and":[20,31,121,153],"patches.":[21],"Vulnerabilities":[22],"continue":[23,94],"be":[25,81],"discovered,":[26],"even":[27],"established":[29],"software,":[30],"so":[32],"impose":[33],"a":[34,47,136],"continual":[35],"demand":[36],"for":[37],"our":[38],"attention.":[39],"The":[40],"most":[41],"recent":[42],"findings":[43],"from":[44],"Secunia":[45],"indicate":[46],"55%":[48],"increase":[49,57],"five-year":[52],"trend,":[53],"with":[54,101],"an":[55],"18%":[56],"on":[58],"previous":[60],"year":[61],"(with":[62],"15,435":[63],"vulnerabilities":[64],"detected":[65],"latter":[68],"period).1":[69],"Many":[70,91],"these":[72,147],"will":[73],"have":[74],"led":[75],"resultant":[77],"updates,":[78,156],"which":[79,105],"must":[80],"applied":[82],"if":[83],"systems":[84,98],"are":[85,99],"remain":[87],"protected":[88],"against":[89],"exploitation.":[90],"network":[92],"breaches":[93],"occur":[96],"because":[97],"running":[100],"known":[102],"security":[103],"vulnerabilities,":[104],"turn":[107],"highlights":[108],"importance":[110],"updating":[112],"software.":[113],"However,":[114],"despite":[115],"various":[116],"moves":[117],"raise":[119],"awareness":[120],"automate":[122],"process,":[124],"many":[125],"users":[126],"(and":[127],"indeed":[128],"organisations)":[129],"appear":[130],"leave":[132],"themselves":[133],"vulnerable":[134],"as":[135,157,159],"result":[137],"lax":[139],"maintenance":[140],"practices.":[141],"Steve":[142],"Furnell":[143],"examines":[144],"evidence":[145],"poor":[148],"practices":[149],"across":[150],"both":[151],"system":[152],"well":[158],"some":[160],"factors":[163],"that":[164],"can":[165],"lead":[166],"being":[169],"delayed":[170],"or":[171],"ignored.":[172]},"counts_by_year":[{"year":2020,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}