The Critical Need to Patch Vulnerabilities ASAP

By

Karen A. Frenkel

July 24, 2017

Updated on:

May 12, 2021

The Critical Need to Patch Vulnerabilities ASAP

Security leaders struggle to implement vendor-supplied patches, but virtual patching can help prevent both lost revenue and lost user productivity.

Dwell Times

Dwell time is the total time in days from the attack compromise to defender detection. Median attacker dwell time for data breaches between 2014 and 2016 was 38 days.

Time-to-Breach Detection

It took defenders 5 to 6 weeks or less to detect half of successful data breaches. In the other half, detection took as long as four years.

Time Lag’s Effect on Risk

A Monte Carlo analysis found that the business impact of a breach is greatest at the beginning of the exploit. Faster detection and response time reduce the impact. Responding twice as fast can lower the business impact by 30%.

Incident Detection and Response

The study found that being twice as fast at threat detection and incident response lowers the business impact of an attack by 70%.

Time, Cost and Complexity

Considering the time, cost and complexity of a vendor patching approach to databases and applications, 220 to 660 vendor patches per year with a median value of 410 are needed. This equals 910 hours annually of disruption to databases and applications.

Impact on Revenue and Productivity

The business impact of disruption on revenue and productivity on a traditional vendor patching approach is between 1% and 8% of annual revenue, with a median of 4%.

Value of Virtual Patching

Sometimes known as external patching or vulnerability shielding, virtual patching provides a window of vulnerability that is substantially shorter than the vendor patching approach.

Virtual Patching Minimizes Impact

Virtual patching was found to minimize the two biggest contributors to the total annual business impact of patching: lost revenue and lost user productivity.

Recommendations

To recapture the advantage of time in the face of cyber-security risk, focus on capabilities designed to:
Reduce the likelihood and business impact of attacks, while. shortening detection and response times.
Maintain the productivity of users.
Increase the productivity of defenders.

Karen A. Frenkel

Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.

Latest Articles

Security

Storage Vulnerabilities: The Neglected Cybersecurity Frontier

Drew Robb

–

September 7, 2022
Enterprise Apps

7 Principles of Quality Management

Kara Sherrer

–

September 2, 2022
Big Data

Domo vs Tableau: Which is the better BI solution?

Madeline Clarke

–

August 26, 2022

The Critical Need to Patch Vulnerabilities ASAP

Latest Articles

Storage Vulnerabilities: The Neglected Cybersecurity Frontier

7 Principles of Quality Management

Domo vs Tableau: Which is the better BI solution?

Related Articles

Storage Vulnerabilities: The Neglected Cybersecurity Frontier

NGFW vs UTM: Differences & Use Cases

Top Next-Generation Firewall (NGFW) Software

Perimeter 81 vs NordLayer: Network Security Comparison

The Critical Need to Patch Vulnerabilities ASAP

Get the Free Newsletter!

Latest Articles

Storage Vulnerabilities: The Neglected Cybersecurity Frontier

7 Principles of Quality Management

Domo vs Tableau: Which is the better BI solution?

Related Articles

Storage Vulnerabilities: The Neglected Cybersecurity Frontier

NGFW vs UTM: Differences & Use Cases

Top Next-Generation Firewall (NGFW) Software

Perimeter 81 vs NordLayer: Network Security Comparison