BitSight, a security ratings powerhouse, just released a new report titled, “A Growing Risk Ignored: Critical Updates,” analyzing more than 35,000 companies from industries across the globe over the last year.
The objective of the report? To better understand the usage of outdated computer operating systems and internet browsers, the time to it took to update operating systems once a new release was made available, and how these practices correlate to data breaches.
The data shows that there are large gaps in asset management programs across the globe. Organizations must be more vigilant about limiting their attack surface by more rapidly addressing exploitable vulnerabilities.
The conclusion of this research coincides with “WannaCry,” a strain of ransomware that affected over 300,000 computers worldwide across banks, hospitals, telecommunications services, and train stations, while also disrupting the global supply chain network of many other critical services. Despite the availability of a critical patch months prior to the attack, many companies neglected to download the Microsoft update.
For additional insight or to download a copy of the report, click here.