Reduce the risk of cyberattacks by 30% by simply applying patches

15 de December de 2021

Some time ago, in one of by presentations, I shared with you some figures from a study of cybersecurity regarding the GAP that exists between detection of a vulnerability (or risk of cyberattacks) and the moment when the organizations apply a “patch.” At the time, the figure seemed to me very concerning, because it mentioned almost 2 months for simply applying a patch to a known vulnerability with an available solution (a “known error”, in terms of ITIL.:-))

Verizon Data Breach Investigation Report 2016

I didn’t want to give much credit to this figure, because it seemed very high, but in light of a new study by Kaspersky, I am starting to think that it is true. According to this study, more than 30% of cyberattacks take advantage of vulnerabilities that have not been patched, which seems to lend credibility to the previous figures...(and if we also add the “non-policy” of secure passwords, then we arrive at figures that are dizzying...).

Management of patches and sophisticated passwords reduce the risk of cyberattacks by 60%.

I encourage you to read the previous article so that you can see some of the figures in more detail, but if you don’t feel like it, then I will give you a spoiler: the majority of vulnerabilities that are exploited in a cyberattack are not even from this year!! The majority of these vulnerabilities are many months (or even years) old, and therefore the figure for days of vulnerability could really be much worse.

With technology from 20 years ago, maintaining a minimally patched infrastructure could be a very complicated task, but today’s technology makes it easy thanks to automation! Find out what you have, in what condition you have it, where you have it, obtaining detailed and absolute knowledge of the patches yet to be deployed in each device, and being able to deploy them “with a single click,” would be a must have in the agenda of any systems manager.

Remember: Don’t let this happen - adopt measures from the first day!

 

I hope that you enjoy it, and farewell

Alejandro Castro, Proactivanet’s Technical Director

Subscribe to our Blog
Loading

Consider you vulnerable assets over the long term…

When we refer to vulnerabilities and cybersecurity, we mean weaknesses in...

SLAs during contingencies

If we combine the SLA concept with the contingency plan concept,...