8 min

The Patching Paradox Cyberthreat: Real Answers to Real Problems

A new global survey by Ponemon and ServiceNow of nearly 3,000 cybersecurity professionals reveals that more than half the companies have experienced a breach in the past year.

In this session Bob Bragdon, Senior Vice President and Publisher of CSO, and Cliff Huntington, head of global sales for governance, risk, and compliance at ServiceNow, explore how high-performing security teams prevent breaches and what other teams can do to emulate their success.

One particular area deserves a close look: unpatched enterprise software. The survey revealed that a majority of cyber-attack victims say their breaches could have been prevented by installing patches – and the survey also found that organizations can reduce their breach risk by 20% by scanning.

“I think the survey absolutely exposed that there’s a lot of low hanging fruit for adversaries,” says Huntington. “That said, the same low hanging fruit for those adversaries could be an opportunity for these organizations to make themselves more secure.”

“The patching paradox usually applies to a few things,” says Huntington. “So first of all, just throwing more resources at this problem doesn’t necessarily solve it when you take a prioritized approach. It also refers to the fact that sometimes the simplest and most basic countermeasures, while not the sexy work that everyone wants to be doing, they will actually provide the most risk reduction for the organization.”

“So if we can start to break down these siloes of process and ownership between IT and security, this will go a long ways towards unwinding this paradox,” he notes.

Sponsored by ServiceNow
