Cyber security attacks on high-profile corporate businesses and public organisations will always hit the headlines
Last year, WannaCry brought organisations across Europe to a standstill, including the UK’s National Health Service, causing huge uproar and external scrutiny. An almost continuous stream of attacks continues to challenge cybersecurity teams, who are tasked with protecting the personal data of millions of consumers and customers.
Yet the vast majority of the attacks that are bringing organisations to their knees are caused by outdated software or a recognised vulnerability in an application — something that could have been avoided entirely with the right approach to patch management.
Research carried out among 3,000 security professionals by ServiceNow in 2018, in conjunction with the Ponemon Institute, reveals that more than half of organisations have experienced a breach in the last two years. That’s despite spending on average 319 hours a week — the equivalent of eight full-time employees — managing the vulnerability process.
It’s clear from the research that security strategies continue to be lacking — a worrying trend given the consensus among security professionals that hackers are outpacing organisations with technologies such as machine learning and artificial intelligence.
The economic impact is also significant. Even for a breach of as little as 10,000 records, the cost is around $2.8 million. Scale that to millions of records, and the bottom line impact is enormous and the situation is only set to get more challenging.
Here are four ways to act now to bolster your approach to protecting your organisation:
1. Don’t ignore security patches
This first point may seem glaringly obvious, but it’s amazing how many businesses don’t act on the updates that are available to them. ServiceNow’s security report found that 59% of UK organisations said they have been breached in the last two years because of a vulnerability for which a patch was already available.
This isn’t an issue that is hard to overcome either. If you don’t already scan for vulnerabilities, then make this your top priority and make sure you are get your house in order.
2. Accelerate your vulnerability management approach
Most companies seem to understand the threat landscape, but simply don’t have the ability to move quickly enough to mitigate the risks. A majority of organisations seem to be effective at detecting vulnerabilities, but 55% say they find it difficult to prioritise what needs to be patched first and only a third of security professionals rate their ability to patch in a timely manner.
There’s clear evidence that an accelerated response approach is far more effective. UK organisations that avoided breaches rate themselves 33% higher on their ability to patch quickly than organisations that have been breached.
3. Remove manual processes
UK security teams have lost an average of 11 days in the coordination of patching activities across their teams, with the majority agreeing they spend more time navigating manual processes than responding to vulnerabilities. It’s not surprising, given that most organisations are using manual processes to deal with these vulnerabilities.
More than half (57%) of security professionals say these labour-intensive processes are putting their organisation at a disadvantage, by slowing down the identification of and response to threats. By defining and optimising an end-to-end vulnerability response driven by automation, organisations can ensure fast identification and mitigation of threats, and create a highly-efficient approach that generates time for cybersecurity teams to fulfil their other responsibilities.
4. Don’t hire more talent
Three-quarters of security professionals say they don’t have enough resources to keep up with the volume of threats and patches. Currently, organisations spend about 320 hours on average each week on vulnerability management so, on the face of it, hiring more cybersecurity talent to cope with this demand seems to be an obvious solution.
As many as 64% of organisations are looking to hire additional resources specifically for patching in the next 12 months, with around a 50% headcount increase. But with ISACA reporting the global shortage of cybersecurity professionals will reach two million by 2019, it might not be possible.
And it’s unlikely that adding more people to deal with more manual processes will solve the vulnerability response challenge. By making vulnerability response processes more efficient and accurate, organisations will make the most of their existing people, reducing the need to hire further scarce resources.
If you’re at sea and taking on water, then taking on extra hands to bail can be helpful. But for an effective vulnerability management process, instead of looking for ‘bailers’, put your focus on identifying the size and severity of the ‘leak’.
About the Author
Greg White is Senior Director, SecOps at ServiceNow. ServiceNow® Security Operations is a security orchestration, automation, and response engine built on the intelligent workflows, business context, and deep connection with IT of the Now Platform. Connect your existing security tools to prioritize and respond to incidents and vulnerabilities quickly based on their potential impact to your business.