Cyber Essentials – Step 5 Explained

Patch management:

Software and systems should have the latest security patches installed.

What does this mean…?

Most SMEs will be using ‘off the shelf’ software to facilitate productivity within their workplace, and many organisations will be running common software to perform functions such as word processing, Email, etc.

Cyber attacks will often target vulnerabilities within these common software packages, and will exploit these weaknesses until the software vendors have issued a fix or ‘patch’ to address the vulnerability.

It is important therefore to install patches and updates as soon as they become available, to help protect systems and software from any form of exploitation.

Poor patch management practices are a major cause of data breaches. If organisations apply patch management properly, they are able to mitigate the attacks.

What can we do to help reduce this risk…?

  • Use licenced software to ensure security patches for known vulnerabilities are available.
  • Install software updates and security patches in a timely manner (either automatically or as soon as they have been released).
  • Remove out-of-date software.

Cyber Essential certified body - securious

For more information on Cyber Essentials, please feel free to get in touch, we are here to help!