Patch management and the wider business
By Trevor Dolan, Segment Director, Product Marketing, Kollective
In recent years, digital transformation has gone from an office buzzword to a key strategy for any smart business. Likewise, IT in the workplace has been elevated from a small component of the office to having a major role in most businesses. There was a time when the IT department's role largely involved dealing with standard operational tasks like setting up a new server or troubleshooting email. Now, however, the team's to-do list will include managing much more strategic initiatives, including data analysis, augmenting the workforce with AI and incorporating IoT into workplace operations.
Despite the key role IT teams play in modern businesses, their impact on the wider company is not always known or understood. One area where this is becoming especially clear is the process of patch management, which can ensure that a business is protected and secure at the most fundamental level.
And it's not just the IT team that should be aware of the important role this task plays in guaranteeing security; the wider business must also be aware of the risks the company faces when it fails to manage, or falls behind on, vital software patches.
The impact of a breach
If you were to leave your house unlocked, anyone could wander in and take whatever they wanted. In a similar way, while patches are designed to fix security vulnerabilities, if an IT department - or employee - fails to install them, they are essentially leaving their business 'unlocked' for hackers and cyberattacks. If you leave your network open to attacks there's no end of damage that can be done. And once you've detected a breach, there's no quick and easy fix.
Not only can these attacks be time-consuming and costly for the business, they can also be damaging to the company's reputation with the general public, customers and industry peers.
If a business was unlucky enough to experience a ransomware attack due to an unsafe network, one of the first areas to suffer would be operations. According to a report by SentinelOne, the average business spends 33 employee hours replacing data that's been encrypted by a ransomware attack. With 48% of businesses suffering a ransomware attack in the last 12 months, it's clear that many companies are not taking the necessary precautions to avoid such a situation.
According to a SANS report on the post-breach impact of cyber-attacks, a quarter (23%) of companies took up to a month to fully remediate breaches, with a further 23% taking 1-3 months. Worryingly, an additional 38% took three months or longer to fully recover. That's a long time for the company to not be fully functional.
In terms of the financial impact, the report shows that remediation costs for external consulting services ranged from a minimum of $1,000 to over $100M, depending on the nature and complexity of the breach. For example, pharmaceutical giant Merck was a victim of the NotPetya ransomware attack at the end of last year, which impacted the company's email system and forced a product shutdown. With employees physically unable to work, the company suffered a substantial $300 million in losses.
But it doesn't end there. The damage can continue long after systems are restored. Allscripts Healthcare Solutions was recently sued by its own customers over disrupted services and lost patient data after a ransomware attack took down the medical records and scheduling service. Even if a business isn't sued, it can be faced with expensive lawyers and large payments to settle any damages and attempt to repair the company's image.
According to a study by the Ponemon Institute and identity management firm Centrify, over 75% of marketers believe a cyber security breach is a threat to a firm's brand value. This outranks product recalls, environmental disasters and even CEO scandals. Once it hits the headlines and becomes public knowledge, it can be hard to overcome. Even a low-profile attack can make current and future customers wary of trusting your company.
And it isn't just the company that could be in trouble. While the business itself might survive a cyber-attack, there's no guarantee that individual jobs will be protected and the IT team is likely to be in the firing line. If a damaging, preventable attack happens on their watch, everyone in the IT team will be held responsible, no matter how senior they are. In the wake of massive data breaches, CEOs at top firms including Target, Sony, FACC and Equifax all lost their jobs.
These enterprises are often the highest risk for cyberattacks due to poor patch management, with many IT teams struggling to distribute patches across such a large and distributed organisation. Often working with tens, or even hundreds, of thousands of terminals, it can be extremely difficult for such businesses to guarantee that their entire organisation is up to date, particularly if they are attempting to distribute these patches and updates over a legacy network.
To overcome this issue, many large enterprises are turning to the use of peer-to-peer (P2P) technologies such as SD ECDNs (software-defined enterprise content delivery networks). These virtual networks allow businesses to share patches and updates at high speeds, regardless of whether they are still relying on legacy network infrastructures. By distributing an update to multiple machines (or peers) and then allowing those machines to share the updates amongst themselves, SD ECDNs exponentially decrease the bandwidth load on an organization's network. The greater the number of peers across a complex distributed enterprise, the more efficient content delivery becomes compared to legacy hardware-based WAN optimisation solutions.
Recent high-profile cases have proven that companies prioritising keeping patches up to date will have a significant business advantage over those who don't. The right processes, people and technology are all critical to deploying patches quickly, easily and efficiently, but effective patch management is more than just an IT investment. It's an investment in your business, your brand, your staff and even your own future employment.