View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
January 12, 2018updated 08 Jul 2022 11:26am

Majority of organisations lack patching urgency with GDPR knocking

Organisations should not be willing to let any unnecassary time pass when a vulnerability can be patched, many more should be leveraging automation technology.

By Tom Ball

With patching proving to be a critical weak area making organisations vulnerable to cyber attacks, a towering 78 per cent of organisations lack urgency, saying they fix vulnerabilities within 30 days.

Very few organisations were found to have the necassary zero tolerance approach to leaving patches uninstalled after release, with just 15 per cent presenting this attitude.

A more substantial 46 per cent of organisations said that they would not be willing to wait longer than seven days before implementing a patch, still a worrying attitude with GDPR now at the door.

Majority of organisations lack patching urgency with GDPR knocking

It is becoming increasingly clear that automation is vital to make a real difference in security prospects, with the threat landscape now bristling with danger and organisations failing to be proactive about patching.

In light of this, perhaps one of the most worrying findings of the Dimensional Research study presented by Tripwire is that just 17 per cent of organisations are automating tools for tracking down vulnerabilities.

Tim Erlin, vice president of product management and strategy at Tripwire, said: “Attackers will always go for the low-hanging fruit, the proverbial ‘unlocked door,’ over a more complex method of compromise. As long as these older vulnerabilities are present, they’ll continue to be exploited. Organizations should really be aiming to fix vulnerabilities on their systems as rapidly as is feasible… Any gap in applying a patch to a vulnerability provides an opportunity for hackers to access systems and steal confidential data.”

Content from our partners
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester
Infosecurity Europe 2024: Rethink the power of infosecurity
5 of the hottest cybersecurity startups to watch in 2018
FCA bans use of personal devices across UK financial services
Gemalto banks on biometrics with contactless fingerprint card

The research also found that there is a fairly even split in opinion regarding investment, 54 per cent believe an investment in people is of foremost importance, while 46 per cent said that technology is where spending should be focussed.

“If you don’t know what devices are on your network, you’re setting yourself up to fail in terms of securing it. For some organisations, doing this manually is just unrealistic and too challenging, which is why automated technology solutions exist to address this issue. Those who can identify these changes and additions to their networks within minutes will be in a much more comfortable position when it comes to security,” said Erlin.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.