Infosec 2012: Patching alone can deliver 80% protection

Keeping software up to date with security patches can deliver 80% protection from cyber threats, says security firm Secunia.

Businesses can no longer rely on anti-virus products, with around 9% of enterprise computers believed to be infected with botnet Trojans, said Stefan Frei, research analyst director, Secunia.

NSS Labs have shown that there is a 10% to 45% chance that malware will bypass commonly used anti-virus products, he told attendees of Infosec Europe 2012 taking place in London.

The best way for enterprise infosec professionals to deal with the onslaught of automated and polymorphic malware is by applying enterprise software security updates as soon as possible.

Most patches are available on time, said Frei, with patches available for 72% of the top 50 enterprise applications on the day an exploit is published.

"Zero-day vulnerabilities are not as numerous as most people think; so infosec pros just need to act. Patching is much more effective than anti-virus because it eliminates the root cause of the vulnerability," he said.

But with most enterprises having an average of 12 major software suppliers, each with different security update cycles, that can be a complex task, said Frei.

One way of tackling this problem is to patch the same set of critical applications each year. Tests have shown that by patching the 37 most used applications, an enterprise can block 80% of threats.

However, said Frei, the same level of protection could be achieved by patching just 12 applications a year through adopting a more cost-efficient dynamic approach.

Vulnerabilities are continually changing, said Frei, which is why a dynamic approach using threat intelligence is more efficient and effective, focussing resources only on the current and most critical threats.

"Knowing what applications you have, what are critical, and what vulnerabilities they have at any given time enables you to be most effective with limited resources," he said.

Knowing what is absolutely necessary to patch at any given time is essential to an enterprise being able to defend its information assets in a rapidly changing threat environment.
