Third of Breaches Caused By Unpatched Vulnerabilities

IT security professionals have admitted that a third of cybersecurity breaches are the result of vulnerabilities that they should have patched.


Software vendors are constantly publishing new patches to fix problems in software that they have sold. It's then up to the users of the software to apply the patches or else risk leaving themselves open to attack via the backdoors that the vendors failed to spot when initially building the product.


But the sheer volume of patches, with many vendors publishing new fixes on a monthly basis, and the need to test those patches to ensure that they don't cause other unexpected problems, means that there's often a delay in getting systems secured. That leaves a gap that hackers can exploit.


A study by Tripwire revealed that many organizations could be doing more to manage their vulnerabilities.


Supporting this conclusion, 27 per cent of survey participants said their employer had suffered a data breach as the result of an unpatched vulnerability. The rate was even higher for European organizations at 34 per cent.


Tim Erlin, vice president of product management and strategy at Tripwire, said this lack of asset discovery capabilities is a problem because it limits the overall effectiveness of an enterprise vulnerability management program:


Erlin further explained: “How you assess your environment for vulnerabilities is important if you want to effectively reduce your risk. If you are not doing authenticated vulnerability scans, or not using an agent, then you are only giving yourself a partial picture of the vulnerability risk in your environment.”


more news

Secure Working From Home During Coronavirus


In the wake of the coronavirus, many organisations internationally are allowing people to work from home to lessen the risk of contagion, but is this wise from a cybersecurity point of view? While companies generally have a cybersecurity policy in place that governs the use of anti-virus and firewall protection, individuals without any tech knowledge could fall foul of cybercriminals.

read more

Crypto Miners, Targeted Ransomware Dominate the Threat Landscape


Twenty-eight per cent of all organisations worldwide were impacted by malicious multi-purpose botnets and targeted ransomware attacks rose by 20% according to Check Point Research, the Threat Intelligence and Research arm of Check Point Software.

read more

Kaspersky's Top 7 Mobile Security Threats in 2020


Mobile device security threats are on the rise. In 2014, Kaspersky detected almost 3.5 million pieces of malware on more than 1 million user devices.

read more

SEC Releases Guide To Combat Cybersecurity Threats


The Securities and Exchange Commission has released a guide to best practices to combat cybersecurity infractions, data loss and privacy breaches.

read more