3 Patch Management Best Practices

October 27, 2022

It’s tempting to click on the “remind me later” button when it comes to installing software updates on your computer but doing so can leave your system susceptible to cyberattacks. Software and application updates frequently contain “patches,” which are used by developers to fix known system issues or add new features. Security patches reduce vulnerabilities by correcting potential points of entry into your system, helping your organization reduce its security risk.

A consistent IT strategy aligned with both a view to cyber security risks and the conditions of your cyber liability program are vital. Failure to align may result in not only increased vulnerability but also impact how your insurance policy responds. A 2018 study by the Ponemon Institute found that over half of all data breaches can be attributed to poor patch management.

Here are 3 Patching Best Practices to help improve your overall cyber hygiene and keep your organization safe:

  1. Install updates quickly: When updates become available, don’t delay. As soon as patches are released and vulnerabilities are exposed, threat actors know exactly where to target your systems.
  2. Automate patching: Automated patching tools continually scan for missing patches and updates, which increases speed and efficiency of patch deployment and minimizes the time you are vulnerable. Additionally, there is less possibility for human error, as IT teams don’t need to constantly stay on top of patch releases. Some software even contains the option to prompt you to install updates automatically whenever an update is released.
  3. Test patches before rolling out fully: When patches become available, start with a small group of your systems to make sure everything runs smoothly. Additionally, create a system backup before making any changes, to protect your data in the event there is an issue with patch installation.

For more information on patching and cyber security, please visit Conner Strong and Buckelew’s Cyber Portal. Contact your account representative to learn more about our cyber services or to help setup your cyber portal account.


Cyber Risk