Patch Management Failures Accelerate Cybercrime

by CXOtoday News Desk    Mar 31, 2014


Patch management, which should be at the top of any CIO's or CSO's security priorities and can prevent network hacks, malware infections and even simple human error, is an area often overlooked by businesses. Inevitably, failures in patch management of vulnerable systems are leading to top-notch cybercrime, according to a new Global Threat Intelligence Report, which also names botnet attacks as the single biggest threat in the cyber world.

The report, prepared by managed security services provider Solutionary (now part of NTT), analyzed about 300 million events in the past decade, gathered from customers' networks through 139,000 network devices, such as intrusion-detection systems, firewalls and routers, and came to this conclusion.

Nearly 50% of the exploitable vulnerabilities identified have been publicly known for at least two years, yet they remain open for an attacker to find and exploit, said the report. This indicates that many organizations today are unaware of these vulnerabilities, lack the capability to address them, or don't perceive the importance of addressing them in a timely manner.

“There’s kind of a ‘throw it over the wall’ mentality,” said Don Gray, chief security strategist at Solutionary, in the report, noting that vulnerability-assessment information wasn’t being acted upon effectively in organizations, despite the growing awareness of cyber security. Moreover, the report notes that effective log monitoring remains a challenge.

Enterprises are required to provide details about the devices, platforms, applications and databases they have when asking for log monitoring. But during and after this “discovery process,” about half of organizations realize there are IT assets they didn’t even know about. In addition, one third of the organizations have some of this IT infrastructure configured “in a manner that does not provide the security information required to meet their needs,” said the report.

Incident response was another challenge: the report reveals that 77% of the organizations involved had no incident response teams or procedures in place to respond effectively to a significant cyber incident. The remaining 23% had some incident response planning available, but “very few were mature or well-managed.”

In terms of the types of attacks faced by organizations, botnet activity aimed against the organization was the largest category, constituting 34% of all attacks, followed by denial-of-service attacks, application-specific attacks, service-specific attacks and “network manipulation,” such as DNS attacks.

The report notes that while patch management takes a lot of time to set up, and is not cheap, it is well worth the investment up front. However, it warns that CIOs and security officers should look into the various software tools that help organize a patch management process and carefully select the vendors that offer these tools.