Slow patching leaves organizations vulnerable to cyberattacks

Share post:

IT professionals are taking up to a month to patch critical security flaws, leaving organizations at high risk of cyberattacks. This is according to a new survey from Synopsys, which found that 28% of respondents take as long as three weeks to patch a critical security vulnerability, and another 20% say their organizations take up to a month.

The survey, reached out to 1,000 IT experts from the United States, the United Kingdom, France, Finland, Germany, China, Singapore, and Japan, revealed this.

According to the survey, 28% of respondents admitted to taking up to three weeks to address a critical security vulnerability, while an additional 20% confessed that their organizations often take a whole month to apply the necessary patches. The repercussions of such delays is that hackers who are quick to exploit newly discovered vulnerabilities, pose threats to organizations that lag behind in securing their systems.

There are a number of reasons for this slow patching, including a lack of resources, the complexity of modern IT systems, and the difficulty of prioritizing patches.

“There are multiple different factors involved when it comes to patching, and it’s very time consuming,” Kimm Yeo, senior solutions manager at Synopsys’ software integrity group, told Axios.

“There are a lot of vulnerabilities sitting in the backlog,” she added. “How do you know this is critical enough that you need to give it top priority, especially when there’s a lack of security experts or insights into the vulnerability itself?”

Furthermore, the survey’s findings shed light on insecure code prevalent in the modern internet, often due to the use of less secure coding languages and the tendency to prioritize production deadlines over security.

The sources for this piece include an article in Axios.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for week ending Friday, Feb. 23, 2024

This episode features discussion on the takedown of the LockBit ransomware gang

Breaking news: RCMP facing ‘alarming’ cyber attack

The RCMP is facing a serious cyber attack from an unspecified threat actor. The Mounties told CBC News today that a “breach of this magnitude is alarming.” “The situation is evolving quickly but at this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” a spokesperson

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways