60% Of Data Breaches: Missing Patches

Green code on a black screen. Missing patches are accounting for 60% of data breaches.

Written by: Jay H.

Most organizations are aware of the threat of phishing attacks and the effects they can have on businesses. However, just as significant are missing operation system patches and application patches, which accounted for nearly 60% of data breaches in the past two years. Larger businesses are hit the hardest with high downtime costs and disruption, and these costs are expected to grow as enterprises support fully remote staff.

According to polls conducted by Automox, 81% of companies had suffered a data breach in the past two years. Phishing attacks were the root causes for 38% of those incidents, followed by missing operating system (OS) patches (30%), missing application patches (28%), OS misconfigurations (27%), insider threats (26%), credential theft (22%), and brute force (17%).

Improving patching processes could help businesses defend against cybercrime; however, achieving this presents several challenges. Firstly, patching is expensive, especially for larger companies that experience more significant losses from downtime and disruption. Also, vulnerabilities and exposures are substantial in number, with 12,174 common vulnerabilities and exposures (CVEs) reported last year. Alarmingly, even the most critical CVEs take an average of 38 days for an organization to patch. As such, it is nearly impossible for a business to get a handle on patch management.

Older OS System Users at Significant Risk

Microsoft ended support for Windows 7 on January 14, 2020, devoting its resources to Windows 10 OS. This means that Windows 7 users are vulnerable to data breaches. With almost 70% of organizations still using Windows 7, Microsoft will no longer patch security issues they face.

Remote Patch Management Faces Challenges

Patch management for remote workers presents many hurdles as well. These include difficulties in patching systems belonging to remote employees, inefficient patch testing, lack of visibility into endpoints, and insufficient staffing in IT operations. So although every machine needs remote management, the challenges make it difficult for organizations to achieve this.

As more and more employees shift to a remote environment, patch management will continue to escalate as an issue. However, tackling this problem is expensive, time-consuming, and challenging, so it will be the responsibility of organizations to prioritize significant vulnerabilities as they arise.

Need help with your remote workforce? If so, consider receiving remote IT support from our technology specialists. As a cost- and time-effective option, remote IT support allows us to assist you from anywhere. So, get in touch today and let us help you.

To learn more about cybersecurity issues, check out more of our blog posts.

Protected by Copyscape

Comments are closed.