Patch Management plays a crucial role in mitigating cyberattacks and vulnerability management.

Without patches, your systems are open to hackers and cybercriminals who will exploit vulnerabilities and cause costly damage to you and your users. But with a regular patching schedule, you can keep your systems secure, compliant, and running smoothly 24/7.

And when we look at the increasing number of remote employees organisations are experiencing post-COVID, leaders need to look at their cyber security through this evolving lens.

What role do cyber security and Patch Management have in the future of remote work?

When you have a large percentage of your employees working from home, this can throw up extra cybersecurity challenges.

But it is critical that you keep on top of Patch Management rather than pushing it to the bottom of your priorities. Not yet having had an attack can create a false sense of security that leads to your systems becoming more vulnerable.

Research from CSO Australia shows that an alarming 60% of breaches in 2019 involved the exploitation of unpatched vulnerabilities. CA Veracode research backs this up with data showing that close to 55% are not resolved three months after discovery. The data also shows that 1 in 3 breaches is caused by unpatched vulnerabilities and lack of visibility.

The perils of complacency

At The Missing Link, we do see examples where Patch Management has taken a back seat, often because there is a false sense of security due to no or minimal previous breaches.

Unfortunately, this leads to a lack of visibility of the true patch status, which leaves organisations unknowingly exposed to exploitation by adversaries. Visibility is key, and knowing what software and applications your workforce uses is essential.

While this can be tricky in the remote working context, it's not difficult for organisations that have a robust Patch Management strategy that includes remote management. And seeing as remote workforces that need remote access seem to be a permanent reality, leaders must take charge in setting out how they will achieve remote patch management compliance in their organisations.

Patch management strategies for remote workforces

The best way to approach a remote patching strategy is to automate it where possible and then work with your employees to deliver a regular schedule of patching updates.

By optimising patching software, organisations can make the whole strategy run smoothly, even with remote devices posing some additional challenges. And a robust strategy should be holistic and cover all areas of a possible attack. This allows you to identify the true patch status of all your systems (from the cloud to the endpoint).

Many organisations now follow the ASD8 preventive measures, a set of strategies aimed at mitigating up to 85% of targeted attacks on your business. ASD8 refers to the Essential Eight, which the Australian Cyber Security Centre (ACSC) has developed to prioritise mitigation strategies. At its core is a minimum set of preventive measures that organisations need to implement:

  • Execution of only whitelisted applications
  • Automatic application patching
  • Hardened browser and application security
  • Microsoft Office Suite macro disabling
  • Automatic operating system patching
  • Multi-factor authentication (MFA)
  • Restricted administrator roles and access controls
  • Daily backups

It is important to note that while the Essential Eight can help to mitigate a cyber threat, it will not mitigate all security risks. So, we need to look at additional mitigation strategies and security controls.

How else can organisations run Patch Management effectively with a remote workforce?

Effective Patch Management relies on a range of strategies. So, as well as regularly scheduled patch updates, how else can IT and security teams run Patch Management effectively with a flexible/remote workforce?

At The Missing Link, we will consider some or all of the following strategies:

  • Minimising the number of employees using personal devices (including a mobile device)
  • Implementing two-factor authentication for the VPN
  • Working collaboratively with technical teams to ensure a common language and to hold teams accountable
  • Scheduling further monitoring and health checks for after the patching window has concluded
  • Regular compliance checks and incident reporting on remote endpoints

Because best practice Patch Management ensures critical vulnerabilities are identified and remediated quickly before they can be exploited, our team can use these strategies to enhance your organisation's security by quickly remediating security vulnerabilities that would otherwise put your people and processes at risk of cyber attack.

This is essential as cybercriminals become increasingly efficient in taking advantage of errors in software updates and your remote teams.

Why is patching often overlooked by businesses? That is the multi-million-dollar question. The average cost of a data breach for the year to 2020 is reported as $3.35M - an increase of 9.8 per cent year-on-year - and while patching doesn't make you bulletproof, it will help.

We offer Patch Management as a Service to help those organisations who lack the resources to stay on top of all the security patches and updates that need to be applied. Learn more about how our Patch Management as a Service can secure your remote systems.

 


Author

Taylor Cheetham

Campaign Manager