Security nightmare: 27% of enterprises take months to install vital security updates

45% of businesses with over 100,000 computer terminals must wait at least a month before installing vital security updates.

  • 6 years ago Posted in
Over a quarter (27%) of enterprise IT departments must wait at least a month before they can install vital security updates. That’s according to a new ‘State of Software Delivery’ report from enterprise content delivery company Kollective, which examines the software testing and distribution bottlenecks throughout large organisations in the US and UK.

Kollective’s report, which incorporates research from 260 IT managers, leaders and decision makers, highlights how the network security of UK businesses is failing to meet industry expectations. These failings are especially common among large organisations – with 45% of those with over 100,000 computer terminals having to wait at least a month before installing vital security updates.

This failure to rapidly deploy and install security updates is placing businesses at greater risk of a targeted cyberattack, as hackers look to exploit the vulnerabilities of outdated systems. Kollective’s report also found that 37% of IT managers list ‘a failure to install updates’ as the biggest security threat of 2018. This makes outdated software a bigger threat than password vulnerabilities (33%), BYOA / BYOD (22%) and unsecured USB sticks (9%). 

Kollective blames this failure to install updates on a combination of slow testing procedures and an inability to distribute updates automatically at scale. As Dan Vetras, CEO of Kollective explains: “Following numerous corporate cyberattacks over the last 12 months, today’s businesses are spending more than ever before on enhancing and improving their security systems. But, this investment is wasted if they aren’t keeping their systems up-to-date.

“While it’s obviously important for IT teams to spend time testing new software and updates before rolling them out, our research has found that many of the delays in software distribution aren’t because of testing, but rather a lack of infrastructure. Poorly constructed networks mean that, even those companies that have made a significant investment in security software, are still leaving their organisations vulnerable to attack. With a growing number of applications being left out of date, today’s businesses are creating their own backdoors for hackers, botnets and malware to attack.”

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...