Ponemon Institute recently published the findings of a study on vulnerability and patch management detailing how gaps in firms’ programs make them attractive targets for hackers — which becomes both costly and time consuming.
Businesses are not keeping up with the hackers
According to the findings, businesses seem to be keeping to the status quo in their approaches to patching. Year over year, more time is spent on prevention, detection and remediation of vulnerabilities with no improvements in reducing the risk of an attack. As a consequence, businesses are not achieving significant improvements in their ability to quickly detect and patch vulnerabilities and keep ahead of the attackers.
The Ponemon study indicates that more focus should be paid to vulnerability response for a business’ critical assets as patching could have prevented many of these data breaches because a patch was available for a known vulnerability but not applied.
Also, according to the study, businesses’ patching processes are under greater pressure because they have less time to patch a vulnerability before being attacked. Businesses also report not have enough resources to keep up with the volume of patches.
Automation reduces the time to respond to vulnerabilities.
Threat intelligence, incident response platforms and security automation are the preferred tools for improving vulnerability response.
Automation reduces the time to respond to vulnerabilities. In fact, one of the biggest delays in patching vulnerabilities quickly is because businesses rely upon manual processes.
The research also reveals that organizations that invest in automation experience the following benefits: reducing downtime, patching in a timely manner, being able to prioritize the most critical vulnerabilities and increasing the efficiency and effectiveness of their IT staff.
In addition to automation, businesses need to partner with an MSP to help provide the manpower and technology to get automated patching done. This is essential to keeping up with the volume of patches and making vulnerability management activities more efficient in order to reduce the cost of patch management.
Both of these investments will strengthen your firm’s security posture by improving your ability to prevent threats and patch vulnerabilities in a timely manner.
Contact ACE IT Solutions at 646.558.5575 or firstname.lastname@example.org to learn more about our automated vulnerability and patch management solutions.