Red Mosquito - Blog
Report highlights cyber security risks from weak patching strategy
We have long extolled the importance of ‘patching’ as a key weapon in your cyber-security arsenal. For those unfamiliar, patching is the term used to describe updates issued by vendors, commonly to fix or ‘patch’ newly discovered security vulnerabilities in their product. As an IT Support provider, we take care of patching for all of our IT Support customers in Glasgow, Edinburgh and throughout the UK. We make sure the patches are applied soonafter release (to use an obvious proverb “a stitch in time saves nine”). So, our IT Support customers have peace of mind that that aspect of their cyber security is covered. However, patching is easily overlooked and can create risk within your systems which can be exploited in years to come, when the patch issue itself is nothing but a distant memory. A recent report by Bitdefender states that in the first 6 months of 2020, a shocking 64% of unpatched IT vulnerabilities dated from between 2002 and 2018. This means that the organisations have been exposed to potential cyber attacks for an extraordinarily long period of time. Don’t let this happen to you! Speak to one of our IT Support Consultants about our managed patching services and other cyber security products we offer to reduce the risk of a cyber attack.
It is worth noting that patching is one of the 5 key cyber security controls addressed by the Cyber Essentials scheme. It is a cyber security basic which businesses shouldn’t get caught out by – but time and time again they do. This is because, although it is a basic cyber security control, it isn’t easy to do. A failed patch roll out can be as damaging as a cyber attack. so you need to get it right.
The problem with patching
Patching effectively depends on you having accurate knowledge of the content of your IT estate. Over the years hardware and software is often added in a piecemeal fashion with managers losing sight of all the pieces that make up the puzzle of their IT infrastructure. This can cause serious problems when applying patches. You need to know what systems you have and how they work together. The first step is to compile an accurate IT Asset Register and put in the work to ensure it is kept up to date, enabling you to manage your IT assets. We do this for all of our IT Support customers in Glasgow & Edinburgh. Be mindful that vendors don’t issue patches for their product when it is ‘no longer supported’ (often by 5 years after issue). Which is yet another reason to ensure your IT Asset Register is up to date and your IT estate is managed – unsupported technology introduces unnecessary risk.
However, the task of patching can be time consuming. Even now, some patches need to be applied manually and you will usually want to test the patch before a large roll out to make sure it doesn’t cause more IT problems than it fixes. A good IT Support provider will do all of this for you and make sure your patching strategy works.
Why don’t you speak to one of our IT Support consultants today about the package of cyber security products which best suits your need?
Understanding the Microsoft Outages: What You Need to Know
Explore the recent Microsoft outages, their impact on services, and what steps you can take to mitigate such disruptions.
Crafting a Robust Disaster Recovery Plan for SMEs
Discover how to shield your SME from catastrophic data losses with a comprehensive disaster recovery plan.
AI Revolution: Transforming UK Businesses with Microsoft Copilot
Explore the transformative power of Microsoft Copilot in revolutionising UK businesses and driving growth and efficiency.
Best Practices for Effective Cyber Security Assessments
Explore the essential best practices for conducting effective cyber security assessments to protect your organisation from potential threats and vulnerabilities.