![patch management](https://smartermsp.com/wp-content/uploads/2025/02/shutterstock_2223343953-1024x583.jpg)
In a shift that bodes well for managed service providers (MSPs), a survey of over 250 security and IT professionals found that patch management has become a significantly higher cybersecurity priority.
Patching can be disruptive and resource-intensive
In the survey, conducted by Demand Metric on behalf of Adaptiva, more than half of respondents (51 percent) reported that patching is now a more significant concern than even vulnerability detection. Nearly two-thirds of respondents (64 percent) identified coordinating the detection of vulnerabilities as their biggest challenge. They also noted that managing remediation efforts was a significant part of the issue.
Most of the survey respondents (79 percent) said they had already automated the distribution of application patches. However, nearly all (98 percent) said patching software disrupts their work by forcing them to reallocate resources. More than three-quarters of respondents (77 percent) require more than a week to apply a patch to software running in an IT environment.
Not all patches are of equal value in terms of the level of risk associated with them. Organizations are starting to realize that the risk of not applying timely patches is greater than the inherent danger of applying a patch that could potentially take applications offline. Given all the potentially unseen dependencies, in an ideal world any IT environment update should be thoroughly tested.
AI threats boost the need for immediate remediation
Often, by the time a patch is created and tested, cybercriminals have, in all probability, created an exploit that targets the vulnerability the patch is meant to remediate. With each passing day, the speed at which cybercriminals can create those exploits continues to accelerate, a situation that is only likely to become more problematic as cybercriminals increasingly use artificial intelligence (AI) to write code. The expectation is that the number of zero-day vulnerabilities needing immediate remediation will sharply increase. Cybercriminals are leveraging AI tools to discover previously unknown issues for which no patch is immediately available.
The only way to combat those threats will be to rely more on patch management automation, which an MSP can generally provide more cost-effectively than an internal IT team. That said, an internal IT team may be better able to assess the risks of deploying a patch.
Still, automating an update to, for example, an operating system is generally less risky than patching application software, which might have many dependencies between software components that can be difficult to determine before a patch is applied. Fortunately, the software composition analysis (SCA) tools used to discover dependencies are improving. As a result, the risk associated with patching applications is decreasing. However, there is still much work to be done.
Why MSPs are essential
The volume and pace at which patches need to be applied exceed the ability of most internal IT teams to manage effectively. Many organizations struggle to keep up with the demands of patch management. MSPs can offer this capability as a service to help manage patches effectively. They ensure timely installation and track the risk levels associated with applying each patch.
As with other types of managed services, patch management may not rank among the most glamorous IT tasks. However, it is becoming an indispensable task for organizations, and many are now relying on external service providers to manage it more effectively.
Photo: 3rdtimeluckystudio / Shutterstock
This post originally appeared on Smarter MSP.