11 October 2018
More than a quarter of corporate IT departments must wait at least a month before they can install vital security updates. That’s according to a new study from enterprise content delivery company Kollective which examines the software testing and distribution bottlenecks throughout large organisations in the UK and US.
As part of its State of Software Delivery report published in August, Kollective commissioned an independent survey of 130 UK and 130 US IT decision makers earlier this year. The research reveals how network security in UK businesses is failing to meet industry expectations.
The study found that the failings are especially common among large organisations, with 45 per cent of those with more than 100,000 computer terminals having to wait at least a month before installing vital security updates.
Thirty seven per cent of those polled cite ‘a failure to install updates’ as the biggest security threat of 2018. Kollective says this makes outdated software a bigger threat than password vulnerabilities (33 per cent), BYOD/BOYA (22 per cent) and unsecured USB sticks (nine per cent).
The company blames this failure to install updates on a combination of slow testing procedures and an inability to distribute updates automatically at scale.It says that while businesses are spending more than ever on enhancing and improving their security systems, this investment is wasted if they aren’t keeping their systems up to date.
“While it’s obviously important for IT teams to spend time testing new software and updates before rolling them out, our research has found that many of the delays in software distribution aren’t because of testing, but rather a lack of infrastructure,” says Kollective CEO Dan Vetras. “Poorly constructed networks mean that, even those companies that have made a significant investment in security software, are still leaving their organisations vulnerable to attack.”
He goes on to warn that with a growing number of applications being left out of date, today’s businesses are “creating” their own backdoors for hackers, botnets and malware to attack.