It’s 5 pm and you’re rushing to make your way out of the office to head home—you see the traffic on the beltway is continuing to build outside your office window, and you’re trying to save everything on your computer and shut it down so you can beat the rush home.
All of a sudden, you see an odd window pop up on your computer screen warning you that your files are being hijacked and it will take $10,000 in bitcoin to get it back. You try to close out the window but your computer is now freezing up.
You hear the screeching of horns beginning to honk and see that a car accident has now brought traffic to a standstill. Muttering under your breath, you hit the power key on your computer to shut it down, but no luck. You remember seeing an email about having to download a critical security patch from the other day, but you had to meet a friend for dinner and thought it could wait another day.
Unfortunately, that update couldn’t wait—and now your files and your company are at risk of data loss.
Welcome to the world of patch management! Multiply this one computer by every workstation, every legacy, and cloud-based application, and we start to paint the picture as to what patch management can look like across the enterprise.
Often, these are security patches that would keep your organization safe from hackers. Research from Verizon and Gartner finds that we are still struggling to get enterprise management right, even if we know we are vulnerable to cyberattacks that could steal customer information and intellectual property.
The 2018 Verizon Data Breach Investigation found that cybercriminals are still successfully using the exact same hacking techniques we’ve known about for years such as phishing, distributed denial of service, and malware. The report also found that 99% of the exploited vulnerabilities in the study were already more than a year old with a published software security patch – essentially, we all knew about the vulnerabilities long before it was exploited by a hacker.