IT teams appreciate it when vendors or security researchers discover new vulnerabilities and develop patches for them. So do attackers. The same information that lets IT teams know where they may be vulnerable so they can take action, also lets attackers know where the weaknesses are – providing an opportunity and a map to guide them so they can develop an exploit.
That means that once a vulnerability is disclosed, the clock starts ticking and it becomes a race for organizations to patch or mitigate vulnerable systems before they can be compromised.
While zero day attacks capture media attention with exciting headlines, the reality is that most attacks target known vulnerabilities for which patches or updates exist. According to the 2019 Verizon Data Breach Investigations Report, the average IT team patches fewer than 40% of affected systems within 30 days of discovering a vulnerability. However, cybercriminals can often develop an exploit for a publicly disclosed vulnerability within a matter of weeks or even days.
The gap between a working exploit being developed and the necessary patch being applied is a period of heightened—and avoidable – exposure to risk. One of the primary problems is that there is a disconnect between the priorities of IT and security teams. Where security teams take a proactive approach, the IT teams responsible for implementing patches tend to take a more reactive approach, potentially hindering the patch management program overall.
Reactive patch management
IT teams are busy. Patching vulnerable systems and applications is just one part of a very long list of tasks the IT team is responsible for. Everything is import ..