Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.
So many software vulnerabilities, so little time. But failure to patch them can have serious consequences. Here's help for overwhelmed security teams.
In theory, anyone who depends on software should patch a vulnerability as quickly as possible. That goes for consumers as well as enterprises. In hindsight, Equifax would likely agree. The major breach of 2017 was, in part, the result of a failure to patch in a timely manner, writes security thought leader Kevin E. Green. But there are many reasons why patching doesn't happen quickly. Or at all.
According to the "2019 Vulnerability and Threat Trends Research Report," published by Skybox Security, part of the problem is security teams are overwhelmed by the number of new vulnerabilities — 16,000 were reported last year — making patching rather unmanageable. Some organizations can't patch quickly because the risk of downtime far surpasses that of the vulnerability. Still others don't have a patching policy in place that identifies who is responsible for patching what and when.
"When you consider that [quality assurance] testing should take place before a patch is rolled out, and that many organizations have to work around defined 'downtime windows,' it becomes clear that every organization, every day of the year, is vulnerable to known attack vectors," says Bob Noel, VP of strategic relationships for Plixer.
So how can security teams make patching a smoother process? Here are five ways.
Image Source: MyCreative via Adobe Stock
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024