Global organisations are taking nearly two months to address and remediate critical risk vulnerabilities, with the average time taken to fix issues across a full stack set reaching to 60 days.