According to a study by Safeatlast, two out of three companies suffered a cyberattack last year. In addition, a cybercriminal could break into 93% of companies (PTSecurity, 2020). Currently, there are over 170,000 vulnerabilities with more being discovered every year (CVE Details, 2022). Cyberattacks have multiplied in recent years and are increasingly sophisticated. As Qualiteasy, importer of Faronics Inc. solutions in Spain, points out, cybersecurity is a priority objective for Spanish companies and has become the issue that concerns them the most, with 48% giving it a high or very high rating (2022 Cyber Readiness Report, Hiscox).

defense in depth strategy

To protect your systems, Faronics experts recommend that your organization implement a defense-in-depth or layered strategy that includes the following elements: secure architecture design, risk management, business continuity plan, monitoring and response to incidents. Patch management is one of the most important and effective security measures you can apply to eliminate system vulnerabilities.

Vulnerabilities and fixes

Cyberattacks, which take advantage of system vulnerabilities, can have a major impact on the integrity, availability and confidentiality of the information processed by these systems. According to the Canadian Center for Cyber ​​Security (CCCS), patching operating systems and applications is the second most important cybersecurity measure a business can take to minimize intrusions and their impact.

Patch management and best practices

Patch management is a four-step process: identify, test, report affected items, and install. Similarly, as Faronics points out, there are a series of best practices that should be considered in patch management, such as weighing the security risks of not applying a patch against the operational risks of applying it. without carrying out exhaustive tests beforehand. Another key is to ensure that users cannot disable patches, especially critical patches. Similarly, security needs must be weighed against those of usability and availability. Finally, it is necessary to ensure that patch management is effective to avoid situations of overloading tasks.