CYBER SECURITY TERMINOLOGY EXPLAINED

Software Patching and Updates

By making sure there is effective Patch Management in place covering the software and systems across your business, you can ensure they are running the latest versions, which can drastically reduce your potential attack surface.

What is patching?

A patch is an update that has been put out by a device or software manufacturer. Software patches update or add new features, increase optimization, and fix security vulnerabilities. Patch Management is tooling which centralises and automates the process of detecting, downloading and installing new updates.

Why is software patching important?

When patches are released, attackers compare them to the old version to see what has changed, in the hope of identifying the vulnerability the patch resolves. They will then search online for devices which are yet to be patched and attempt to leverage the vulnerability against them. One study stated that almost 60% of organisational breaches occurred due to vulnerabilities where the patch was available but not yet applied.

Patching difficulties

There are a number of reasons why a business may encounter difficulties with the patching process, or not be able to update something.

The main ones are as follows:

Asset Inventories

Being unaware of the devices and software in use can make it difficult to stay on top of patching, as you won’t know what versions are running now and whether they need updating.

Compatibility

When rolling out patches, there may be unexpected compatibility issues with other key assets/components of the business. Pre-patch testing would help mitigate this, as well as noting links between tooling in the asset inventory.

Third Party Applications / Tooling

Lack of ownership of some devices may lead to difficulties with patch management. As new patches come out, they may be applied to internal systems, but third party systems may not fall under the business's administrative control, and requests must be made to the third party to carry this out.

End Of Life

Once a device or piece of software has reached the end of its product life cycle, the manufacturer will cease to release new updates/features. Some may continue security updates past the official end of life date; check with each manufacturer to confirm. Any devices or tools which are in the end of life phase should be replaced or removed at the earliest convenience.
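
As an added illustration (not part of the original article), the sketch below triages an asset inventory against the four difficulties listed above: outdated versions, linked assets that need pre-patch testing, third party ownership and end of life. The asset names, versions, dates and field names are constructed for the example.

```python
from datetime import date

# Constructed sample inventory: every name, version and date here is hypothetical.
INVENTORY = [
    {"name": "web-server", "installed": "2.4.1", "latest": "2.4.3",
     "eol": date(2030, 1, 1), "owner": "internal", "depends_on": ["db-server"]},
    {"name": "db-server", "installed": "14.2", "latest": "14.2",
     "eol": date(2029, 6, 1), "owner": "internal", "depends_on": []},
    {"name": "payroll-app", "installed": "7.0", "latest": "7.1.0",
     "eol": date(2031, 1, 1), "owner": "third-party", "depends_on": ["db-server"]},
    {"name": "legacy-nas", "installed": "1.9", "latest": "1.9",
     "eol": date(2020, 3, 31), "owner": "internal", "depends_on": []},
]

def parse_version(text):
    """Turn '2.4.10' into (2, 4, 10) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))

def is_behind(installed, latest):
    """True when the installed version is older than the latest release."""
    a, b = parse_version(installed), parse_version(latest)
    width = max(len(a), len(b))  # pad so that '7.0' and '7.0.0' compare as equal
    a, b = a + (0,) * (width - len(a)), b + (0,) * (width - len(b))
    return a < b

def triage(inventory, today):
    """Return {asset name: [actions]} for every asset that needs attention."""
    report = {}
    for asset in inventory:
        actions = []
        if asset["eol"] < today:
            # No further updates will arrive, so patching is not an option.
            actions.append("end of life: replace or remove")
        elif is_behind(asset["installed"], asset["latest"]):
            if asset["owner"] == "third-party":
                actions.append("request patch from third party")
            else:
                actions.append("apply patch")
            # Linked assets in either direction are candidates for pre-patch testing.
            dependents = [a["name"] for a in inventory if asset["name"] in a["depends_on"]]
            linked = sorted(set(asset["depends_on"] + dependents))
            if linked:
                actions.append("pre-patch test with: " + ", ".join(linked))
        if actions:
            report[asset["name"]] = actions
    return report

if __name__ == "__main__":
    for name, actions in triage(INVENTORY, date(2025, 1, 1)).items():
        print(name, "->", "; ".join(actions))
```

Assets with nothing to do (here, db-server) are left out of the report, so an empty result means the inventory is fully patched and supported as of the date supplied.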
