According to a new ‘State of Software Delivery’ report from enterprise content delivery company Kollective, more than a quarter of enterprise IT departments wait at least a month before installing vital security updates.
Kollective’s report highlights how the network security of UK businesses is failing to meet industry expectations.
These failings are especially common among large organisations – with 45% of those with over 100,000 computer terminals having to wait at least a month before installing vital security updates.
‘Failure to install updates’
This failure to rapidly deploy and install security updates is placing businesses at greater risk of a targeted cyber attack, as hackers look to exploit the vulnerabilities of outdated systems. Kollective’s report also found that 37% of IT managers list ‘a failure to install updates’ as the biggest security threat of 2018.
This makes outdated software a bigger threat than password vulnerabilities (33%), BYOA / BYOD (22%) and unsecured USB sticks (9%).
Kollective blames this failure to install updates on a combination of slow testing procedures and an inability to distribute updates automatically at scale.
Dan Vetras, CEO, Kollective, explains: “Following numerous corporate cyber attacks over the last 12 months, today’s businesses are spending more than ever before on enhancing and improving their security systems. But, this investment is wasted if they aren’t keeping their systems up-to-date.
“While it’s obviously important for IT teams to spend time testing new software and updates before rolling them out, our research has found that many of the delays in software distribution aren’t because of testing, but rather a lack of infrastructure.
“Poorly constructed networks mean that even those companies that have made a significant investment in security software, are still leaving their organisations vulnerable to attack. With a growing number of applications being left out of date, today’s businesses are creating their own backdoors for hackers, botnets and malware to attack.”
The report incorporates research from 260 IT managers, leaders and decision-makers.
Written from press release by Leah Alger