Business does not respond to vulnerabilities identified by white hat hackers. This was stated by Deputy Minister of Digital Development Alexander Shoytov at a session on information security within the framework of the Russian Internet Forum.
According to him, the state does not have the tools to "force" companies to fix these vulnerabilities.
The question is how to then force companies to fix these vulnerabilities, this is a separate, more complex story.
According to information security experts, the inaction of companies leads to the fact that information about discovered vulnerabilities becomes available on various industry forums and on the darknet. This contributes to new attacks and data leaks.
Experts emphasize that there is a lack of both human resources and funding to eliminate vulnerabilities identified during penetration tests.