Skip to main content

Businesses are overlooking the importance of patch management

(Image credit: Shutterstock / Song_about_summer)

Businesses would significantly reduce the chances of being compromised by criminals if they would only implement an appropriate patch management policy. This is according to a new report from cybersecurity experts Kaspersky, which claims that such a policy decreases the risk of incidents by almost a third (30 percent).

What’s more, a solid password policy is said to reduce the likelihood of being attack by almost two-thirds (60 percent).

Kaspersky bases these findings, published in its Incident Response Analytics Report, on the fact that in almost two-thirds (63 percent) of cyberattacks its Global Emergency Response team investigated, criminals used brute force and vulnerability exploitation as initial attack vectors. 

Of these, brute force is the more popular method, Kaspersky further claims. Compared to the year before, the share of brute force attacks grew from 13 percent to 31.6 percent. Although they cannot say for certain, the researchers believe the expansion of remote working was a major catalyst. 

Vulnerability exploitation accounted for 31.5 percent of attacks. In the vast majority of incidents, criminals took advantage of older, unpatched vulnerabilities. 

The majority of the attacks were detected within a few hours, or days, Kaspersky concluded. In one instance, an attack took 90 days to be identified. 

To minimize the chances of being compromised, Kaspersky recommends implementing a robust password policy (including MFA, as well as identity and access management tools), ensuring patch management for public-facing applications have zero tolerance, maintaining a high level of security level among employees, and implementing an endpoint detection and response solution.

“Even if the IT security department does its best to ensure the safety of company’s infrastructure, factors such as legacy OS usage, low-end equipment, compatibility issues, and human factors often result in security breaches that can jeopardize an organization’s security,” said Konstantin Sapronov, Head of Global Emergency Response Team. 

“Protective measures alone can’t provide a holistic cyber defense. Therefore, they should always be combined with detection and response tools that are able to recognize and eliminate an attack at an early stage, as well as address the cause of the incident.”

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.