Case study

How does vulnerability and patch management tie into cyber protection?

Cyberthreats are more prevalent than ever, and one of the most effective cyber exploits preys on outdated software, both operating systems (OSs) and applications. Cybercriminals focus on popular OSs and applications, such as Windows, Java, Adobe, and Microsoft 365, looking for vulnerabilities to exploit. This is why a patch management system is imperative.

What is a patch management system?

All reputable software providers release IT and security patches on an ongoing basis to add improved functionality, enhance performance, and close security loopholes and vulnerabilities in their OSs or applications. Patch management centralizes and automates the detection, acquisition, installation, and reporting of these patches on your systems, eliminating the workhours IT spends manually looking for and applying patches on servers and desktops across the organization.

Patch management systems can be a separate product or part of a larger cybersecurity suite. The product or feature manages multiple software patches, keeping your infrastructure up to date and protected from threats. In organizations, patch management is typically controlled by a system administrator who configures the software according to the organization’s security policy, structure, and needs, including specific functionality requirements. Patch management ensures that patches are applied on a timely basis and are not delayed because a patch is overlooked or IT resources are stretched.

When patching software isn’t automated, IT and business users are not as careful about performing regular updates, which is why software developers are continuously improving and automating update procedures for their products. Without patch management reporting, you cannot be sure whether the software was installed correctly or whether any patches failed.

IT patches address vulnerability gaps

Vulnerability patching is an important part of a proactive, multilayered cyber protection strategy. If IT patches are not installed on a timely basis, your organization can – and probably will – be a victim. 

The Equifax data breach, one of the biggest known data thefts to date, is an example of what happens when patching is not timely. A critical vulnerability in the Apache Struts software was disclosed on March 7, 2017. Despite being alerted by the Department of Homeland Security on March 8, “Equifax did not fully patch its systems … leaving its systems and data exposed. On May 13, 2017, attackers began a cyberattack on Equifax which lasted for 76 days…” 

Despite the cyberattacks we read about in the news, many organizations still do not perform patch management and patch monitoring regularly. A Ponemon Institute survey discovered that:

  • 60% of breach victims said they were breached due to an unpatched known vulnerability where the patch update was not applied (see Figure 1).
  • 62% were unaware that their organizations were vulnerable prior to the data breach.
  • 52% of respondents said their organizations are at a disadvantage in responding to vulnerabilities because they use manual processes.

Every business needs a patch management solution to defend against cyberattack intrusion

Patch management systems ensure security and compliance with regulatory requirements, improve user productivity, and ensure business continuity. Patches are often created after a vulnerability is found, either by security researchers or after customers have experienced a data breach, so that other businesses’ data, applications, and systems remain safe. Critical patches must be applied as soon as possible to avoid data theft and the severe brand damage that often follows a security breach.

Patch management plays a significant role in compliance, minimizing potential data leaks and adding to your data protection. This is especially important for government institutions, healthcare organizations, and organizations in the financial sector, which can face huge losses – due to the compliance penalties alone – following a data leak resulting from an unpatched vulnerability.

If a machine is hacked and rendered useless because of an unpatched vulnerability or after a bad patch is applied, one or more users can be impacted. This negatively impacts both business continuity and user productivity.

A good patch management solution addresses all these challenges. 

Acronis Cyber Protect: Vulnerability assessment and patch management capabilities

As a cyber protection company, Acronis covers all aspects of cybersecurity to provide seamless business continuity for its partners and customers. Vulnerability assessment and patch management capabilities are important parts of Acronis’ cyber protection proposition, which centralizes your security posture in one management console and one agent, eliminating typical security management complexity.

Acronis Cyber Protect’s vulnerability assessment and patch management functions provide detailed information about devices and applications running on your network. Vulnerabilities are classified according to an internal severity scale and required updates are automatically fetched and rolled out to different groups in a variety of ways by tweaking the corresponding protection plan.

Acronis distributes patches from its cloud servers around the world and uses a peer-to-peer patch distribution technology to prevent slowdowns during patch rollout for non-Windows systems and third-party applications. Updates, upgrades, and applications can contain packages with exceptionally large files. Downloading and distributing these large files can consume network resources on the devices receiving them. Acronis uses delivery optimization to reduce bandwidth consumption by sharing the work of downloading these packages among multiple devices in a customer’s deployment.

Acronis Cyber Protect supports Windows-based and Linux networks. The solution patches endpoints, whether they are located inside or outside the corporate network.

The patch management functionality can also be used in unique safe restore scenarios from a full-disk backup. The safe restore feature guarantees you are protected by updating the anti-malware databases of the Acronis Cyber Protect agent in this full-disk backup to the latest definitions and Artificial Intelligence (AI) models. This allows you to detect malware and prevent it from attacking already patched systems.