In a cybersecurity environment in which bad actors pounce on published software vulnerabilities, patching those flaws as quickly as possible is critical. That becomes even more important with a distributed workforce that can be difficult for IT to manage.
However, over 70% of organizations lack automated patch management for at least some systems, and 62% suffered security incidents involving a known vulnerability that had an available patch that was not yet deployed, according to a new report from cloud-based remote monitoring and management provider Action1 Corp.
The firm’s survey of nearly 500 global IT professionals detailed the struggles associated with patch management in the distributed workforce and increasingly dangerous threat landscape, which includes taking a manual approach to patch management to at least some systems, which 73% of organizations said they do.
According to the report, 59% automate patching for OS updates only and manage patches for other software products manually, while 14% manage all patches manually.
The firm’s report places OS patching as the top priority for patch management, but says the average enterprise has more than 460 applications deployed, so taking a manual approach to other applications presents a huge risk.
Of the 62% that said they suffered a security incident due to an unpatched vulnerability, the most common types of attacks were malware (41%), phishing (31%) and man-in-the-middle (21%).
The report also provides insight on just how difficult remote work has made it for IT pros, as patching takes 2.5 times longer when endpoints are remote, and resolving IT support requests takes twice as long for remote employees.
For office-based endpoints, it takes an average of four days to patch a critical vulnerability, but that jumps to 10 days for remote endpoints.
However, 74% said they have automated remote software deployment, but many lack visibility and control over remote endpoints, as 35% said they are unable to spot unwanted software on remote endpoints.
The firm’s report included a set of four recommendations, including:
- Improving and automating critical aspects of remote IT management, especially software patching.
- Gaining visibility into and control over remote endpoints.
- Investing in cybersecurity awareness education for all employees.
- Implementing an actionable incident response plan.