Patch management: what it is, and why it matters

The regular application of security patches could make the difference in your fight against cyber criminals.

Amid media coverage of cyber breaches, it’s easy to forget how simple the causes can be. Similarly, it’s easy to forget how simple some of the protection measures can be.

Take patch management – the process of regularly and consistently applying software updates and patches.

This is a critical security precaution that removes many of the vulnerabilities that cyber criminals target. Yet this precaution is not always taken – in some cases leading to serious disruption and financial loss.

For example, the Equifax data breach – compromising the personal data of 143 million US and over 400,000 UK citizens – was caused by attackers exploiting an unpatched critical vulnerability (in Apache Struts) to steal data.

A few months earlier, the WannaCry ransomware outbreak successfully targeted unpatched systems. Many other recent ransomware attacks – such as Petya ransomware and Bad Rabbit – also had the capacity to exploit unpatched systems.

Protecting yourself

A patch is a piece of code that can be applied to software in order to correct issues after it has been installed. Think of it as replacing an old car part.

Patches are sometimes necessary because no software is flawless. In fact, the more complex a software program, the more code it contains and the more likely it is that errors will creep in. And as soon as software gets released, there are hackers looking to exploit such vulnerabilities.

Unfortunately, many companies struggle to patch security issues when a fix becomes available. For instance, the Apache Struts vulnerability was disclosed and an update issued in March 2017. Equifax previously said the intrusion into its systems began in mid-May – suggesting the vulnerability may have been left unpatched for at least two months.

By following some simple steps, companies can ensure their operating systems are supported and up to date:

1. Identify all the software used on your systems – not just Microsoft, but also Adobe, Apache and so on.

2. Monitor the release of new patches from vendors (specifically security patches, rather than feature patches).

3. Apply security patches as soon as feasible. The software vendor will often assign a criticality rating that will help you identify the severity of the issue. This is also useful for prioritisation if you have multiple patches to implement but do not want to, or cannot, deploy them at the same time. If you implement a patch without testing it, however, it could cause an operational issue with your service, so it’s generally best practice to test it first.

4. Deploy vulnerability scanning to ensure the patches have actually been installed.
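
The four steps above can be sketched in a few lines of Python. This is an added example, not part of the original article: it compares a software inventory against vendor advisories and lists the missing security patches in priority order. The product names, versions, dates and the `outstanding_patches` helper are all constructed for illustration.

```python
from datetime import date

SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

def parse_version(text):
    # Assumes purely numeric dotted versions. Comparing tuples of ints avoids
    # the string-comparison trap where "2.3.9" sorts after "2.3.10".
    return tuple(int(part) for part in text.split("."))

def outstanding_patches(inventory, advisories, today):
    """Return missing security patches, most urgent first."""
    findings = []
    for host, product, installed in inventory:            # step 1: inventory
        for adv in advisories:                            # step 2: vendor releases
            if adv["product"] != product:
                continue
            if parse_version(installed) >= parse_version(adv["fixed_in"]):
                continue                                  # step 4: fix is installed
            findings.append({
                "host": host,
                "product": product,
                "installed": installed,
                "fixed_in": adv["fixed_in"],
                "severity": adv["severity"],
                "days_exposed": (today - adv["released"]).days,
            })
    # step 3: vendor criticality first, then the longest-exposed systems
    findings.sort(key=lambda f: (SEVERITY_RANK[f["severity"]], -f["days_exposed"]))
    return findings

# Constructed sample data (hypothetical products, versions and dates).
INVENTORY = [
    ("web01", "example-web-framework", "2.3.9"),
    ("web02", "example-web-framework", "2.3.10"),
    ("desk07", "example-pdf-reader", "11.0.2"),
    ("db01", "example-database", "9.6.1"),
]
ADVISORIES = [
    {"product": "example-web-framework", "fixed_in": "2.3.10",
     "severity": "critical", "released": date(2024, 3, 6)},
    {"product": "example-pdf-reader", "fixed_in": "11.0.4",
     "severity": "high", "released": date(2024, 1, 15)},
    {"product": "example-database", "fixed_in": "9.6.2",
     "severity": "high", "released": date(2024, 4, 20)},
]

if __name__ == "__main__":
    for f in outstanding_patches(INVENTORY, ADVISORIES, today=date(2024, 5, 13)):
        print(f"{f['severity']:<9}{f['host']:<8}{f['product']} "
              f"{f['installed']} -> {f['fixed_in']} ({f['days_exposed']} days exposed)")
```

In practice the inventory would come from an asset database or scanner output and the advisories from vendor security bulletins; the days-exposed figure is the same gap the Equifax timeline above illustrates.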

A look at recent high-profile cyber breaches suggests patch management will only become more critical. In fact, insurers have recently grown particularly sensitive to its importance to companies’ cyber security, and now invariably ask companies seeking cyber insurance about the nature and quality of their patch management.

No company can be 100% safe from cyber breaches. A few simple steps taken in a timely fashion, however, will certainly leave you less exposed.

For more information, please contact Peter Erceg on:

Peter.Erceg@uk.lockton.com

+44 (0)20 7933 2608
