Monday, 28th September 2020

Half of IT professionals struggle to keep up with enterprise patching

Tripwire has published the results of an extensive study conducted by Dimensional Research and Tripwire’s Vulnerability and Exposure Research Team (VERT) on the state of enterprise patch management. The study evaluated the attitudes of over 480 IT professionals involved in patch management and assessed enterprise patch volume and installation trends.

Patch management plays a critical role in minimizing security risk for enterprise information technology systems. However, according to Tripwire's study, half of the respondents admitted there are times their teams struggle to keep up with, or found themselves completely overwhelmed by, the volume of patches.

"The relationship between patches and vulnerabilities is far more complex than most people think,” said Tim Erlin, director of IT risk and security strategist for Tripwire. “Sometimes patches fix multiple vulnerabilities on specific platforms, but not others. There can be confusion between patches and upgrades, or patches and upgrades may address different, but overlapping sets of vulnerabilities. As the complexity of patch management continues to evolve, it has become more difficult for enterprise patch management teams to achieve and maintain a fully patched state."

Additional findings from the study include:
  • Fifty percent of respondents believe that client-side patches are released at an unmanageable rate.
  • Fifty percent feel their IT teams don't understand the difference between applying a patch and remediating a vulnerability.
  • At least some of the time, 67 percent said they have difficulty understanding which patch needs to be applied to which system.
  • Eighty-six percent said embedded products such as Adobe Flash patches released with Google Chrome updates make it more difficult to understand the impact of a patch.
"When we began this research, we expected patch fatigue to affect a small portion of the industry," said Tyler Reguly, manager of Tripwire VERT. "Instead, we discovered that it is a broad, sweeping issue affecting a wide range of organizations."
ConnectWise, the leading provider of intelligent software and expert services for technology solutio...
MobileIron has published the results of a new consumer sentiment study, which revealed QR codes are...
New report underscores the importance of layered security as zero day malware variants, JavaScript m...
Positive Technologies has released its most recent Cyber Threatscape report, an analysis of Q2 2020...
Report on government cyber security shows phishing, remote working and election security are common...
Atos to deliver digital, integrated and cybersecurity solutions to support Siemens digital strategic...
CipherTrust Data Security Platform enables businesses to discover, protect and control sensitive dat...
Cybersecurity remains a top priority for SMBs worldwide, as revealed in a survey conducted by Vanson...