Patching is too complex and time consuming say IT pros
A new survey from automation platform Ivanti reveals that 71 percent of IT and security professionals find patching to be overly complex, cumbersome, and time consuming.
In addition 57 percent of respondents say that remote work has increased the complexity and scale of patch management.
Patching often takes a back seat to their other tasks according to 62 percent of respondents, and 60 percent say that patching causes workflow disruption to users. In addition, 61 percent say that line of business owners ask for exceptions or push back maintenance windows once a quarter because their systems can't be brought down.
At the same time, the speed of vulnerability weaponization continues to increase such that IT and security teams can't respond fast enough. 53 percent say that organizing and prioritizing critical vulnerabilities takes up most of their time, followed by issuing resolutions for failed patches (19 percent), testing patches (15 percent), and coordinating with other departments (10 percent). The raft of challenges that IT and security teams face when it comes to patching may be why 49 percent of respondents believe their company's current patch management protocols fail to effectively mitigate risk.
"These results come at a time when IT and security teams are dealing with the challenges of the Everywhere Workplace, in which workforces are more distributed than ever before, and ransomware attacks are intensifying and impacting economies and governments," says Srinivas Mukkamala, senior vice president of security products at Ivanti. "Most organizations do not have the bandwidth or resources to map active threats, such as those tied to ransomware, with the vulnerabilities they exploit. The good news is that the combination of risk-based vulnerability prioritization and automated patch intelligence can bring to light vulnerabilities that are being actively exploited and have ties to ransomware. With unique patch reliability, IT and security teams can seamlessly deploy patches, and solve for common challenges that are putting organizations at risk."
You can read more on the Ivanti site and there's an infographic summary of the findings below.