Why Patching is essential in a Cyber Security Policy
Many of the latest high profile cyber attacks such as Wannacry exploited a weakness in software that was unpatched.
Applying patches often slips down the priority list of IT Managers as they are busy with mission critical updates and fulfilling user requests. But patching cannot be ignored or under rated if your cyber security strategy is to be successful. Here’s a few insights into why patching is vital to keep the hackers at bay.
1. 99.9% of attacks are not zero day
A zero-day attacks exploits a previously unknown security vulnerability. Most attacks nowadays are based on commonly found weaknesses often that had patches available but hadn’t been deployed.
2. Almost all attacks have a human factor
People unwittingly clicking in links in malicious emails remains a major component in cyber criminals gaining entry to networks. It’s getting easier and easier for this to work as cyber criminals engage in profiling and gathering data on a company and its employees making it very easy for them to fool users into believing their email is legit. Email remains a significant infection vehicle.
3. Out of date Antivirus
If AV is significantly out of date it is effectively useless. It means that you won’t detect malware on your machine and allow it to be swiftly dealt with if it isn’t patched.
4. There are patches for the most common malware
Once a flaw is discovered in a piece of software a patch is made. Once a patch is released the cyber criminals become aware that a weakness exists and they move fast and exploit that weakness before patches are implemented. This will take anywhere from 24 hours to 4 days. That is a short window for patching but if it isn’t observed you are leaving your systems vulnerable.
5. Vulnerabilities arise everywhere
Microsoft, Adobe and Java have all suffered from vulnerabilities. Knowing what systems your users are accessing and running is a first step to making sure your patching process is covering all eventualities. Conduct an audit to be sure you know your software estate.
The importance of keeping on top of patching cannot be over emphasised. It is a critical component of a fool proof Cyber Security strategy. However it can be a manual, tedious and time consuming task and users cannot be relied on to implement patches themselves.
Novi PatchGuard makes it east to manage, deploy and monitor patching across your entire estate. Managed via a centralised cloud based dashboard the service reports on what patches have been installed, what are missing and manages quick and easy remote deployment to all devices across the estate.