Skip to main content
close search
site logo
Dive Brief

HP report: Security pros could have avoided majority of cyberattacks with a simple patch

Published July 28, 2015
By
Contributing Editor
JacksonClerk

Dive Brief:

  • All nine of the most dangerous enterprise vulnerabilities are more than three years old, according to HP Security Research’s 2015 Cyber Risk Report.

  • US-CERT found similar results in its study of the 30 most-targeted network exploits.

  • 85% of network attacks are preventable, according to US-CERT estimates.

Dive Insight:

A simple patch, most likely available for years, could have prevented many cyberattacks, studies claim. So why are companies failing to keep up with vendor-issued patches and leaving their systems vulnerable?

Sometimes, the cure appears worse than the disease. Microsoft, Apple and Oracle all released patches in the last year that caused major problems for users. As a result, some CIOs and security leaders have become increasingly cautious about vendor-issued patches.

But manual patching is far too expensive to be considered a viable solution. Instead, vendors must work to help restore customer faith in their automatic updates.

Experts say open communication is key. Vendors need to let their customers know more about patches, what they do, and what implications they have. On the flip side, CIOs must take vendor-issued patches seriously and consider the significant consequences of failing to install them.

Recommended Reading

Filed Under: IT Strategy, Security

Editors' picks

Company Announcements

View all | Post a press release
Graphiant Predicts Transformative Changes in Enterprise Connectivity and Data Assurance for 20…
From Graphiant
November 20, 2024
New Research Reveals AI's Impact on IT's Power, Status, and Pay
From 1E
November 21, 2024
Revenera Monetization Monitor 2025: Product Usage Insights Drive Better Roadmaps
From Revenera
November 25, 2024
Unanet Acquires GovPro AI to Enable Customers to Win More Business
From Unanet
November 22, 2024
Editors' picks
Latest in IT Strategy
Industry Dive is an Informa TechTarget business.
© 2024 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.