2020-06-03T18:33:00Z

Why is patch management important for cybersecurity?

38

Hello peers,

Patching is considered important for improving and maintaining software security. 

What are the risks associated with NOT performing regular patching on existing software? How does patch management make this process easier?

ITCS user
Guest
45 Answers

Top 5 Leaderboard Reseller

Software security should be addressed under three heads - Patch status, Configuration status and Vulnerability status.


Patch Compliance: ensures that "all known issues" with the software are addressed. Please do note that the software can mean - Operating system software or Application Software.


Configuration hardening: ensures that the software is configured to use "best security practices" to use the software. This may include password aging settings, password complexity settings, role-based user access, file permission settings. Please do note that even though the software has the latest patch, a weak security configuration can open doors for bad actors.


Vulnerability status: While Patching and Configuration settings may help address security issues that are of the known category, it is important to scan the software using VA tools to identify open vulnerabilities that may not have a patch or maybe a security setting workaround. 

2021-08-12T06:27:14Z
Top 5 Real User

The risk of not patching: 


- incompatibility between applications and the OS, or 3rd-party software,
- remote access/access in general to your network and ability to exploit, disrupt, steal IP, hold data hostage, or steal CCD or other compliance data (HIPAA, SOX, lab, research, etc.)
- email and BEC compromise


So if you like spam or ransomware, go ahead and click on those embedded links on your unpatched PC. :)

2021-08-10T12:40:09Z
Top 5 Leaderboard Reseller

Not Patching is like driving a car without a spare wheel in a jungle terrain. Regular patching safeguards you from at least the known perils.

2020-08-13T04:36:32Z
Rony_Sklar
Community Manager

@Ravi Khanchandani I love this - such a simple way of explaining the importance of patching.

User

Patching is the cornerstone of cyber hygiene. Due to the sheer volume of new vulnerabilities, the only way to achieve security is by using intelligence and automation in the patching process. Thus, every organization must remediate vulnerabilities on a regular basis to safeguard from cyber threats.

2020-08-14T06:45:47Z