The word “vulnerability” typically comes with a “must fix now” response. However, not all vulnerabilities should be treated equally because not all of them pose a risk. It all depends on what the data represents. In fact, some vulnerabilities are OK to deprioritize, depending on associated threats and the value of the asset at risk. For example, a lock on a 20th floor window of a building is not as important as one on the ground level, unless the contents of the room are so valuable that a thief would take the effort to access such an unreachable place. Scans reveal thousands of vulnerabilities across all assets – networks, applications, systems and devices – but they do not show which ones could lead to a damaging compromise if not fixed immediately. It is not about ignoring vulnerabilities; it is about prioritizing how you apply your resources to remediate them. Bay Dynamics provides some examples of vulnerabilities that are OK to put on the back burner.