Page 40 - Cyber Defense eMagazine for July 2020
The Ongoing Patching and Configuration Crisis
When you couple new potential entry points for hackers to exploit with the fact that organizations
report taking up to 102 days for patches to be applied and tested, it is apparent that the enterprise attack
surface is growing at an unprecedented rate.
To fully understand the scope of the issue, look no further than the WannaCry ransomware attack of
three years ago. The ransomware was able to spread rapidly by exploiting a known vulnerability that
had been left unpatched in a large majority of organizations for months, leading to one of the most notorious
hacking events of our lifetime.
Research for the Automox Cyber Hygiene Index also confirmed that four out of five organizations have
suffered at least one data breach in the last two years. When asked about the root causes, respondents
placed phishing attacks (36%) at the top of the list, which is to be expected. Social engineering attacks
continue to be a favorite initial vector that attackers use.
The surprising part of the results is that the majority of breaches could have been prevented with basic
cyber hygiene practices in place. The other top causes were missing operating system patches (30%),
missing application patches (28%), and operating system misconfigurations (27%) – all of which are
fundamentals of proper endpoint hardening.
The Industry is Failing to Keep Up
Adversaries are weaponizing new critical vulnerabilities within 7 days on average. And zero-day
vulnerabilities are already weaponized at the moment of disclosure, yet companies are known to take
weeks and in some cases months to deploy patches.
For this reason, a 24 / 72 threshold for endpoint hardening is imperative. If organizations can commit to
eliminating zero-day exploits within 24 hours and other critical vulnerabilities within 72 hours, they’ll
prevent weaponization and ultimately better protect their critical assets.
According to the recent survey, the industry is still catching up to meet this ambitious patching standard.
Only 42 percent of companies can patch remote endpoints within three days and 15 percent within one day,
highlighting the struggles companies face with patching and hardening endpoints in remote
environments.
Embracing Newer Technologies to Help
One of the more positive outcomes from the research is that companies are increasingly embracing
automation as a potential antidote for the security challenges that they are currently facing.
The findings showed that 96 percent of organizations have deployed some automation for endpoint
patching and hardening, yet only 23 percent are fully automated.
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.