When you think about organizations that suffer a cyberattack, it’s easy to blame the victim. Perhaps they did something wrong to get taken in by a phishing attack? Maybe they didn’t defend themselves well enough against that DDoS attack?
Yet over the last year, we’ve witnessed a number of significant attacks on major companies, many with quite mature IT programs. As TechTarget reports, “Even organizations that offer products to help recover from ransomware attacks, like cyber insurance carriers and data backup vendors, were not safe.”
This includes a ransomware attack against Kaseya, a managed service provider and remote-management software vendor, an attack that reminded many industry insiders of the SolarWinds attack in the not-so-distant past. Or, more recently, a vicious DDoS extortion attack against a leading VoIP provider.
If companies of this caliber are being affected, it’s clearly not enough to just adopt tight defenses. You need to stay ahead of attackers by finding ways to harden your security posture beyond what you’re already doing. That includes toughening up some of the things you’re already doing, like patching.
According to Steve Brasen of EMA, an IT management consulting firm, ineffective patch deployment is the “weakest link” in today’s enterprise security. In a recent webinar, he joined JetPatch to explain how optimizing your patching program frees up critical staff and resources to take your entire security program to the next level.
So how can you toughen up your patching strategy? This post will explore three critical elements that must be in place: time to remediation, data-driven decision-making, and end-to-end process governance.
Let’s take a look at how these elements combine to harden your security posture, saving you time and money—while keeping your organization out of the headlines.
1. Time to Remediation
The minute a vulnerability is discovered, the clock starts ticking. The discovery of a vulnerability opens a window for hackers to attack, knowing that the vast majority of devices won’t have the patch just yet.
Most businesses take two to three months on average to deploy patches. The process, however, can sometimes take years—or not be completed at all. This staggering level of neglect means that, overall, 42% of breaches could have been prevented, according to a 2020 Ponemon Institute report that surveyed 1,848 IT and security professionals. This figure represents the number of IT leaders reporting that they had experienced data breaches where “a patch was available for a known vulnerability but not applied.”
Why? Patching is an exhausting process; it’s constant and ongoing, and it’s growing by the year. IT departments, in many cases, simply can’t keep up. And if they’re using manual processes, which most still are, they can’t roll out updates on a constant, consistent basis. And with IT departments strained to their limits, they’re more likely to take a reactive rather than proactive approach to patching.
2. Data-Driven Decision Making
Collecting and analyzing data can help you make proactive and informed decisions. Real-time analytics are growing in a wide range of fields, from gaming leaderboards to vehicle fleet logistics. These applications all make use of large amounts of data in real time. Yet in many organizations, security is one of the last departments to gain this type of visibility.
To establish a hardened security posture, you need holistic visibility coupled with intelligent decision-making. And when it comes to patching, you need to identify the root causes of patch failure—for instance, the fact that IT staff are overburdened and can burn out, especially when deluged by complaints or tickets.
Instead, patching must be strategic, based on determined risks and business impacts, given that not all patches released are equally important to your organization. That’s why you need visibility into supported endpoints and a clear understanding of current patch levels.
Data sources that you can use to make better security decisions include:
- Constant endpoint status monitoring
- Natural language processing for anomaly detections
- Predictive tools that help improve the probability of patch success
With data analytics and insights, you’ll be able to remediate non-compliant systems in real-time. So there’s no need to wait for that dreaded audit—and no stress, either, when an audit rolls around.
3. End-to-End Governed Process
Across the board, there’s an urgent need for process modernization when it comes to security. In a recent study by Workfront, an Adobe company, 49% of professionals said they were prepared to leave their current job due to frustration with the technology in place.
That makes patching one of the most vulnerable departments since 54% of businesses are still using entirely manual processes for patching. Why aren’t these organizations modernizing? Why do they insist on maintaining inefficient patching processes? Generally, their concerns fall into one of two categories:
- They worry that better solutions will be expensive, increasing the overall cost of security.
- They worry that it will be disruptive to the organization’s operation as a whole.
In fact, harnessing automation, ecosystem integration, machine learning, and other technology to orchestrate patching operations can reduce the overall time spent on patch management by 50% on average.
A modern patching solution will work with the management platforms you’re already using, adding vital context to your patching program: crucial information on systems and their status, mission criticality, and more. Plus, it will:
- Identify vulnerabilities before a breach occurs, as close as possible to a patch release
- Integrate with your other systems and tools to eliminate redundancies and save work
- Address root causes and provide guidance when it comes to patch failure, ideally with a prediction for optimized success
When administrators are spared the time they currently spend monitoring patch deployments, configuring patch distributions, investigating patch problems, and reporting on patch status, they are freed up to manage and improve business-critical systems or to introduce new business-focused services that drive increased performance and profitability. In other words, they can quit wasting time on patching and get back to doing their jobs.
It goes without saying that cyberattacks are not only embarrassing—the reputational damage they cause can also have a serious and far-reaching impact on your business. According to IBM’s 2021 “Cost of a Data Breach” study, the drop-off in customers and revenue following a breach cost businesses an average of $1.59M, while failure to meet regulatory compliance was the single factor most likely to drive up the costs of a breach.
And remember, as we saw above, these attacks aren’t just happening to companies that aren’t tech-savvy enough. Even technology leaders haven’t been spared. In fact, they may actually make them a bigger target.
Napoleon is known to have said that “an army marches on its stomach.” Well, experience has given IT management consultant Steve Brasen his own twist on that statement: “A modern enterprise marches on the strength of its IT department.” Patch management, he explains in his webinar with JetPatch, “is fundamental to ensuring the security and performance of its deployments.”
The three factors we’ve explored here—data-driven decision making, modernizing, and streamlining—are the best path forward for your organization if you hope to keep up with the pace of modern vulnerabilities and exploits.
To discover more secrets to hardening your security posture, starting with patching, check out this recent in-depth webinar that shares more secrets of modern patch management.