How patch management closes the door attackers open fastest
This article is part of VentureBeat's special issue, "The Cyber Resilience Playbook: Navigating the New Era of Threats." Read more from this special issue here.
Patching complacency kills more networks and damages more companies than any zero-day exploit or advanced cyberattack.
Complacency kills, and it carries a high price. Running down-rev patches (old patches that are "down revision") or no patches at all is how ransomware gets installed, data breaches happen and companies get fined for compliance failures. It is not a question of whether a company will be breached, but when, especially if it does not prioritize patch management.
Why so many security teams delay patching, and pay a high price
Let's be honest about how patching is perceived in many security teams and IT organizations: it is often delegated to the employees stuck with the department's worst, most mundane tasks. Why? Nobody wants to spend time on something that is often repetitive and sometimes manually intensive, yet still demands complete focus to be done properly.
Most security and IT teams tell VentureBeat, in confidence, that patching takes too much time and pulls them away from more interesting projects. That is consistent with an Ivanti survey which found that the majority (71%) of IT and security professionals believe patching is too complex, cumbersome and time-consuming.
Remote work and decentralized workspaces make patching even more complicated, 57% of security professionals report. Also in line with what VentureBeat hears from security teams, Ivanti found that 62% of IT and security leaders admit that patch management takes a back seat to other tasks.
The truth is that device inventory and manual approaches to patch management have been out of date for some time (years). Meanwhile, adversaries are busy improving their tradecraft, building weaponized large language models (LLMs) and attack apps.
No patch? It's like removing the lock from your front door
Crime waves hit wealthy gated communities as criminals use remote cameras for 24/7 surveillance. Leaving a home unlocked and without a security system is an open invitation to burglars.
Not patching endpoints is the same thing. And let's be honest: any task that gets deprioritized and pushed down the action-item list will most likely never be fully completed. Adversaries continually improve their tradecraft by studying common vulnerabilities and exposures (CVEs) and finding lists of companies that have those vulnerabilities, making those companies even more attractive targets.
Gartner often weighs in on patching in its research and treats it as part of its vulnerability management coverage. Its recent study, Top 5 Elements of Effective Vulnerability Management, stresses that "many organizations are still incorrectly handling exceptions, leading to missing or ineffective mitigation and increased risk."
Mismanagement begins when teams deprioritize patching and view manual processes as "good enough" to complete increasingly complex, demanding and mundane tasks. It gets worse with siloed teams. Such mismanagement creates exploitable gaps. The old mantra "scan, patch, rescan" does not scale when adversaries use AI and generative AI attacks to scan for endpoints to target at machine speed.
GigaOm's Radar for Unified Endpoint Management (UEM) report further emphasizes how patching remains a significant challenge, with many vendors struggling to deliver consistent application, device driver and firmware patching. The report calls on organizations to consider how they can improve patch management as part of a broader effort to automate and scale vulnerability management.
Why traditional patch management fails in today's threat landscape
Patch management in most organizations starts with scheduled monthly cycles that rely on static Common Vulnerability Scoring System (CVSS) severity scores to help prioritize vulnerabilities. Adversaries move faster and create more complex threats than CVSS scores can keep up with.
As Karl Triebes, Ivanti's CPO, explained: "Relying solely on severity scores and a fixed monthly cycle puts organizations at unexpected risk. These scores ignore unique business context, security gaps and evolving threats." In today's fast-moving environment, static scores cannot capture an organization's nuanced risk.
The Gartner framework emphasizes the need for "advanced prioritization techniques and automated workflows that integrate asset criticality and active threats to direct limited resources to the vulnerabilities that really matter." The GigaOm report similarly notes that while most UEM solutions support OS patching, fewer provide "patching of third-party applications, device drivers and firmware", leaving gaps that attackers seek to exploit.
Risk-based and continuous patch management: a smarter approach
Chris Goettl, Ivanti's vice president of security product management, explained to VentureBeat: "Risk-based patch prioritization goes beyond CVSS scores by considering active exploitation, threat intelligence and asset criticality." Adopting this more dynamic approach helps organizations anticipate and respond to risk in real time, which is far more effective than relying on CVSS scores alone.
Triebes expanded: "Relying solely on severity scores and a fixed monthly cycle puts organizations at risk. These scores ignore your unique business context, security gaps and evolving threats." Prioritization by itself is not enough.
Adversaries can weaponize vulnerabilities within hours and have proven that gen AI makes them even more effective than in the past. Ransomware attackers keep finding new ways to weaponize old vulnerabilities. Organizations on monthly or quarterly patch cycles cannot keep pace with new tradecraft.
Machine learning (ML)-based patch management has long been able to prioritize patches based on current threats and business risk. Regular maintenance ensures compliance with PCI DSS, HIPAA and GDPR, while AI-driven automation bridges the gap between detection and response, reducing exposure.
Gartner warns that relying on manual processes creates "difficulties, slows zero-day response, and leads to poor prioritization, while actively exploited vulnerabilities remain unremediated." Organizations must shift to continuous, automated patching to keep pace with adversaries.
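The following is an added example, not code from the article or from Ivanti or Gartner, of how the risk-based prioritization described above differs from CVSS-only ordering. The weights, the `CVE-EXAMPLE-*` identifiers and the sample findings are all constructed for illustration; a real deployment would pull the exploitation and threat-intelligence flags from its own feeds.

```python
from dataclasses import dataclass


@dataclass
class Finding:
    """One vulnerable asset/CVE pair. Identifiers are constructed placeholders."""
    cve: str
    cvss: float                 # static CVSS base score
    actively_exploited: bool    # seen in an exploitation / known-exploited feed
    exploit_public: bool        # public exploit code exists (threat intel)
    asset_criticality: int      # 1 = lab box ... 5 = revenue-critical system
    internet_facing: bool


def risk_score(f: Finding) -> float:
    """Combine CVSS with exploitation status, asset criticality and exposure.

    Weights are assumptions chosen to make active exploitation on a critical,
    exposed asset outrank a high CVSS score on an isolated, unexploited one.
    """
    score = f.cvss
    if f.actively_exploited:
        score += 6.0            # active exploitation dominates the static score
    elif f.exploit_public:
        score += 3.0            # public exploit code: likely to be used soon
    score *= 1 + 0.25 * (f.asset_criticality - 1)   # 1.0x .. 2.0x by criticality
    if f.internet_facing:
        score *= 1.25           # directly reachable by attackers
    return round(score, 2)


def prioritize(findings, by="risk"):
    """Return CVE ids ordered for patching, by risk score or by CVSS alone."""
    key = risk_score if by == "risk" else (lambda f: f.cvss)
    return [f.cve for f in sorted(findings, key=key, reverse=True)]


# Constructed sample inventory (not real CVEs or real assets).
SAMPLE = [
    Finding("CVE-EXAMPLE-0001", 9.8, False, False, 1, False),  # critical CVSS, lab box
    Finding("CVE-EXAMPLE-0002", 6.5, True, True, 5, True),     # exploited, crown jewel
    Finding("CVE-EXAMPLE-0003", 7.5, False, True, 3, False),   # public exploit, internal
    Finding("CVE-EXAMPLE-0004", 8.1, False, False, 4, True),   # high CVSS, exposed
]

if __name__ == "__main__":
    print("CVSS-only order:", prioritize(SAMPLE, by="cvss"))
    print("Risk-based order:", prioritize(SAMPLE))
```

With the sample data, CVSS-only ordering patches the 9.8 on the lab box first, while the risk-based order puts the actively exploited 6.5 on the internet-facing critical asset at the top.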
Choosing the right patch management solution
There are many advantages to integrating gen AI and improving the long-standing ML algorithms that underlie automated patch management systems. Every vendor competing in this market has these technologies on its roadmap.
The GigaOm Radar for Patch Management Solutions report highlights the technical strengths and weaknesses of the leading patch management vendors. It compares vendors including Atera, Automox, BMC Client Management Patch powered by Ivanti, Canonical, ConnectWise, Flexera, GFI, ITarian, Kaseya, Syxsense, NinjaOne and Tanium.
Gartner advises security teams to "use risk-based prioritization and automated workflow tools to reduce time to remediation", and every vendor in this market reflects that in its roadmap. A strong patching strategy requires the following:
- Strategic implementation and automation: mapping critical assets and reducing manual errors through AI-driven automation.
- Risk-based prioritization: focusing on actively exploited threats.
- Centralized management and continuous monitoring: consolidating patch efforts and maintaining real-time visibility.
By aligning patch strategies with these principles, organizations can reduce their teams' workload and build stronger cyber resilience.
Patch management automation: measuring success in real time
Every vendor competing in this market has achieved a baseline level of performance and functionality, streamlining patch validation, testing and deployment. By correlating patch data with real-world exploit activity, vendors reduce their customers' mean time to remediation (MTTR).
Measuring success is crucial. Gartner recommends tracking the following (at minimum):
- Mean time to patch (MTTP): the average time taken to remediate vulnerabilities.
- Patch coverage percentage: the proportion of vulnerable assets that have been patched.
- Exposure window reduction: the time from vulnerability disclosure to remediation.
- Risk reduction impact: the number of actively exploited vulnerabilities patched before incidents occur.
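As an added example (not from the article or from Gartner), the four metrics above computed over a constructed set of remediation records. The record format, the `CVE-EXAMPLE-*` identifiers and all dates are assumptions; MTTP is measured here from patch availability to remediation, and the exposure window from disclosure to remediation, so the two can differ.

```python
from datetime import date

# Constructed sample records (not real data): one row per vulnerable asset/CVE
# pair. "remediated" and "incident" are None when no such event has occurred.
RECORDS = [
    {"asset": "host-a", "cve": "CVE-EXAMPLE-0001", "disclosed": "2025-01-02",
     "patch_available": "2025-01-05", "remediated": "2025-01-12",
     "actively_exploited": True, "incident": None},
    {"asset": "host-b", "cve": "CVE-EXAMPLE-0001", "disclosed": "2025-01-02",
     "patch_available": "2025-01-05", "remediated": None,
     "actively_exploited": True, "incident": "2025-01-20"},   # still open
    {"asset": "host-c", "cve": "CVE-EXAMPLE-0002", "disclosed": "2025-01-10",
     "patch_available": "2025-01-10", "remediated": "2025-01-31",
     "actively_exploited": False, "incident": None},
    {"asset": "host-d", "cve": "CVE-EXAMPLE-0003", "disclosed": "2024-12-20",
     "patch_available": "2024-12-22", "remediated": "2025-01-08",
     "actively_exploited": True, "incident": "2025-01-03"},   # patched too late
]


def _d(s):
    """Parse an ISO date string, passing None through."""
    return date.fromisoformat(s) if s else None


def patch_metrics(records):
    """Compute MTTP, patch coverage, exposure window and risk-reduction impact."""
    done = [r for r in records if r["remediated"]]
    mttp = (sum((_d(r["remediated"]) - _d(r["patch_available"])).days for r in done)
            / len(done)) if done else 0.0
    window = (sum((_d(r["remediated"]) - _d(r["disclosed"])).days for r in done)
              / len(done)) if done else 0.0
    coverage = 100.0 * len(done) / len(records) if records else 0.0
    exploited = [r for r in records if r["actively_exploited"]]
    # Count exploited vulnerabilities fixed before any incident on that asset.
    before_incident = sum(
        1 for r in exploited
        if r["remediated"] and (r["incident"] is None
                                or _d(r["remediated"]) < _d(r["incident"])))
    return {
        "mttp_days": round(mttp, 1),
        "patch_coverage_pct": round(coverage, 1),
        "exposure_window_days": round(window, 1),
        "exploited_patched_before_incident": before_incident,
        "exploited_total": len(exploited),
    }


if __name__ == "__main__":
    print(patch_metrics(RECORDS))
```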
Automate patch management, or fall behind
Patching is not something security teams can simply get to after higher-priority tasks are done. It must be core to keeping a business alive and free of avoidable threats.
Put simply, patching is at the heart of cyber resilience. Yet too many organizations have been deprioritizing it, leaving known vulnerabilities wide open to attackers who are increasingly using AI to strike faster than ever. Static CVSS scores have proven they cannot keep up, and fixed cycles have become more of a liability than an asset.
The message is simple: when it comes to patching, complacency is dangerous. It's time to make it a priority.