Home Security

The Critical Need to Patch Vulnerabilities ASAP

Karen A. Frenkel Avatar

By

Karen A. Frenkel

Updated on:

Get the free newsletter

Subscribe to Daily Tech Insider for top news, trends, and analysis.

This field is required This newsletter requires you to opt in to subscribe.

The Critical Need to Patch Vulnerabilities ASAP

The Critical Need to Patch Vulnerabilities ASAPThe Critical Need to Patch Vulnerabilities ASAP

Security leaders struggle to implement vendor-supplied patches, but virtual patching can help prevent both lost revenue and lost user productivity.

Dwell TimesDwell Times

Dwell time is the total time in days from the attack compromise to defender detection. Median attacker dwell time for data breaches between 2014 and 2016 was 38 days.

Time-to-Breach DetectionTime-to-Breach Detection

It took defenders 5 to 6 weeks or less to detect half of successful data breaches. In the other half, detection took as long as four years.

Time Lag's Effect on RiskTime Lag’s Effect on Risk

A Monte Carlo analysis found that the business impact of a breach is greatest at the beginning of the exploit. Faster detection and response time reduce the impact. Responding twice as fast can lower the business impact by 30%.

Incident Detection and ResponseIncident Detection and Response

The study found that being twice as fast at threat detection and incident response lowers the business impact of an attack by 70%.

Time, Cost and ComplexityTime, Cost and Complexity

Considering the time, cost and complexity of a vendor patching approach to databases and applications, 220 to 660 vendor patches per year with a median value of 410 are needed. This equals 910 hours annually of disruption to databases and applications.

Impact on Revenue and ProductivityImpact on Revenue and Productivity

The business impact of disruption on revenue and productivity on a traditional vendor patching approach is between 1% and 8% of annual revenue, with a median of 4%.

Value of Virtual PatchingValue of Virtual Patching

Sometimes known as external patching or vulnerability shielding, virtual patching provides a window of vulnerability that is substantially shorter than the vendor patching approach.

Virtual Patching Minimizes ImpactVirtual Patching Minimizes Impact

Virtual patching was found to minimize the two biggest contributors to the total annual business impact of patching: lost revenue and lost user productivity.

RecommendationsRecommendations

To recapture the advantage of time in the face of cyber-security risk, focus on capabilities designed to:
Reduce the likelihood and business impact of attacks, while. shortening detection and response times.
Maintain the productivity of users.
Increase the productivity of defenders.

Previous article

Next article

Karen A. Frenkel Avatar
Karen A. Frenkel
Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.

Related Articles