Last year we saw one of the largest personal data breaches in history, when the personal data of 147 million people was stolen from the US company Equifax. What was the cause of such an enormous breach? The answer is simple: an application that hadn’t been updated. A vulnerability in the web application Apache Struts allowed hackers to access the data without any difficulty. And this theft could have been avoided: there was a patch available for this vulnerability months before the attack happened.
Now a new 0-Day Windows vulnerability has been revealed and confirmed by Will Dormann, vulnerability analyst at CERT, who verified it by confirming that the proof of concept “worked well on a fully patched Windows 10 64-bit system”. Microsoft has confirmed the vulnerability and announced that it will “proactively update the affected devices as soon as possible”.
This case is just one of many in which applications that needed updating have caused security incidents, and serves to underline the importance of patch management in corporate cybersecurity. This is something that has been confirmed in a recent study of 3,000 cybersecurity professionals carried out by Ponemon Institute and ServiceNow.
The results demonstrate that a company that is able to detect a vulnerability quickly and apply a patch in a timely manner are less likely to suffer a personal data breach. Time is of the essence: the time between a patch being released and an attack that exploits the vulnerability has reduced 29% over the last two years. This means more pressure on IT professionals to apply patches as quickly as possible.
Automatic vulnerability detection reduces risks
A measure that can reduce the possibility of suffering a security breach by 20% is carrying out a vulnerability scan. The study highlights that a manual search can take hours, while, as we have mentioned, during an incident, speed can mitigate irreparable damage. However, 30% of companies that have suffered a breach of this type don’t carry out this kind of scan. This is a highly risky bad practice, where the biggest loser is the organization itself.
A lack of scanning may also be the reason for another worrying figure: 57% of companies that suffered a breach say that it was possible due to a vulnerability for which a patch was available when the breach happened. If we don’t know what vulnerabilities there are in the system, there is a much higher possibility of them being exploited.
Another problem that has been revealed by the study is that almost two thirds of companies have trouble knowing which patch to apply first, since they don’t have enough information to be able to prioritize each patch. If they are unable to prioritize, urgent problems may go unresolved, while other less important problems are resolved first. Again, this is something that could be improved via the use of automating tools.
Time needed to find and apply patches
According to the report, managing a company’s vulnerabilities entails a major workload: companies spend an average of over 321 hours a week managing the vulnerability response process. This is the equivalent of eight full-time employees’ working weeks.
How can difficulties related to patching be avoided?
The most important thing when it comes to patches is to be able to know what vulnerabilities exist in the system and what patches need to be applied. With Panda Patch Management, you can manage all the patches that are necessary for your systems. Patch Management audits, monitors, and prioritizes updates on operating systems and applications. In exploit and malicious program detections, it notifies you of pending patches. Installations are launched immediately, or scheduled from the console, isolating the computer if needed. This way, you’ll be able to manage the patches that your company needs, without having to invest more time or resources in it. This way you’ll complete your protection system in order to shield your assets.