Sophisticated malware and ransomware attacks have been on the increase in recent years, with cyber-crime predicted to cost $6 trillion a year by 2021.
When WannaCry hit in May 2017, it was the biggest known cyber-attack in history, affecting over 200,000 systems in over 150 countries and costing an estimated $8 billion. The following month, NotPetya cost a further $850 million and affected businesses, public institutions and major infrastructure facilities (such as airports and metro stations) across the world. While the physical cost of a cyber-attack can be high, the reputational damage can harm an organisation’s credibility and lead to loss of consumer trust.
Both of these attacks shared a common theme: they exploited known vulnerabilities and could have been prevented. Ransomware and malware are continually evolving, and organisations should ensure they have adequate patch management policies and procedures in place to keep their systems and data safe.
Staying prepared for a cyber-attack
Patch management involves updating software to address vulnerabilities in a program or operating system. A robust patch management process should incorporate three key components:
- A patch management policy is crucial to the basic upkeep of any IT network. It enables an organisation to have better supervision of their data resources, ensuring they align with regulatory requirements and broader governance controls. It also enables a swift response to cyber threats or incidents, outlining clear guidelines to follow in the event of a security breach. Without this, the potential cost of a breach can quickly escalate. An effective patch management policy should include a detailed analysis of:
  - information relating to current and future security threats;
  - the most recent patches available; and
  - how these relate to the specific environment in which an organisation operates.
- A team or individual with oversight for patch management is essential to support the effective application of the patch management policy. Every organisation, regardless of its size, should allocate responsibility for the security and maintenance of systems and applications. This also includes updates and revisions to the existing policy.
- The use of automated tools can streamline the patch management process and apply patches promptly, limiting the amount of time an identified vulnerability can be exploited. With a high volume of patches being released every month, automated tools ensure they are implemented and improve productivity within the information security department.
A combination of these three elements forms the basis of an effective patch management strategy, helping to mitigate the risk of a cyber-breach. Regardless of an organisation’s size or business sector, the consequences of a cyber-attack can be high, and effective patch management should be seen as an essential aspect of any cyber security framework.