Unpatched vulnerabilities remain one of the top security threats for organizations, despite the rise of sophisticated cyber attacks.
According to DSIT, 22% of businesses and 14% of charities experienced cybercrime in the last 12 months, with actual numbers likely higher due to underreporting.
Key Statistics
- 60% of breaches are due to unpatched vulnerabilities
- 57% of breaches could be prevented with prompt patching
- One-third of ransomware attacks start with an unpatched vulnerability
Vulnerability Exploitation
Criminals often exploit newly released patches, with the NCSC noting that exploits appear on criminal forums within a week of patch release. This is why applying security updates within 14 days is crucial for Cyber Essentials certification.
High-Profile Examples
- An unnamed Russian-backed cyber criminal group, primarily penetrates systems through unpatched vulnerabilities.
- Romanian hackers took over Washington DC's CCTV systems due to unpatched computers.
Best Practices
- Implement a robust patch management system covering all endpoints
- Ensure your IT provider provides compliance reports and regular checks
- Use effective Mobile Device Management systems
- Don't delay rebooting devices to apply updates
Maintaining up-to-date systems is a critical component of cybersecurity, protecting against known vulnerabilities and reducing the risk of successful attacks.
If you need any assistance in checking if your systems are up-to-date, we offer Remote Media Management as part of our packages which includes Automatic Software Patch Management to keep your systems secure.
