This article is part of VentureBeat’s special issue, “The cyber resilience playbook: Navigating the new era of threats.” Read more from this special issue here.
Procrastinating about patching has killed more networks and damaged more companies than any zero-day exploit or advanced cyberattack.
Complacency kills — and carries a high price. Down-rev (having old patches in place that are “down revision”) or no patching at all is how ransomware gets installed, data breaches occur and companies are fined for being out of compliance. It isn’t a matter of if a company will be breached but when — particularly if they don’t prioritize patch management.
Why so many security teams procrastinate – and pay a high price
Let’s be honest about how patching is perceived in many security teams and across IT organizations: It’s often delegated to staff members assigned with the department’s most rote, mundane tasks. Why? No one wants to spend their time on something that is often repetitive and at times manually intensive, yet requires complete focus to get done right.
Most security and IT teams tell VentureBeat in confidence that patching is too time-consuming and takes away from more interesting projects. That’s consistent with an Ivanti study that found that the majority (71%) of IT and security professionals think patching is overly complex, cumbersome and time-consuming.
Remote work and decentralized workspaces make patching even more complicated, 57% of security professionals reported. Also consistent with what VentureBeat is hearing from security teams, Ivanti found that 62% of IT and security leaders admit that patch management takes a backseat to other tasks.
The truth is that device inventory and manual approaches to patch management haven’t been keeping up for a while (years). In the meantime, adversaries are busy improving their tradecraft, creating weaponized large language models (LLMs) and attack apps.
Not patching? It’s like taking the lock off your front door
Crime waves are hitting affluent, gated communities as criminals use remote video camer …