Many of the organizations suffer from data breaching almost every year, and for the past two years, the ratio is drastically increasing. These organizations are becoming victims to cyber-attacks as they lack proper security measures to counter these threats.
According to the report by the Ponemon Institute, half of the organizations have faced the phase of data breaching more than once in the past two years. And, shockingly 34% of them confessed that they knew their systems were vulnerable prior to the attack. This report was further conveyed after consulting 3,000 IT professionals worldwide on their patching practices.
FLAWS IN PATCHING SOFTWARE SECURITY
Patching software security flaws don’t make sense anymore. They are like a no-brainer for organizations. However, most of the companies are still struggling to keep up with the patching practices and are also managing the process of applying software updates.
The senior director of marketing at ServiceNow said, "Detecting, prioritizing and getting vulnerabilities solved seems to be the most significant thing an organization can do to prevent themselves from getting breached”. He further said, “Once vulnerability and patches are announced, the race is on". Which clearly means that the hacker is ready to strike and he can completely manipulate your data even before the organizations can think of applying their patches.
Patches mostly are not 100% accurate and every time when a data theft case is disclosed, there’s a patch for that available in the market already. Organizations face data breaching for not using the right patch at the right time. According to the new data analytical report, there was an increase of 14% patch flaws as compared to the last year’s report which was also tallied from Flexera.
The next report from Flexera says, that the dreaded zero-day flaw is only an individual's imagination as the patches still have some issues. Only 14 patches out of 20,000 were the ones with fewer flaws that were able to qualify further whereas all others were rejected.
WHAT SHOULD THE ORGANIZATIONS DO?
In this case, it is important for every organization to undergo a patching rollout process. This process includes testing out a patch before going live with it.
After a brief survey of some companies, 0patch recently came up with a report that clearly distinguished some major flaws in the patches. In addition, the report explains the fact about the software updates as they can break the system when applied. Also, there are some usual challenges of the legacy system patching and compatibilities with the operating systems and existing applications.
With continuing the same report, Ponemon institute added their piece of findings in the report that says, most of the organizations believe hiring or recruiting more staff can solve their patching problems. About 64% of companies choose to hire additional dedicated staff to reduce the risks of data beaching and for the assistance in patching practice. It represents a total of 50% increase in the headcount for half of those organizations.