Singapore Firms Struggling To Keep Up With Software Patches

Yes, you read it right! Organizations in Singapore are struggling to cope up with the volume of software patches. According to new research released by ServiceNow, Inc has, this year alone, Singapore firms saw an 18% increase in cyber attacks when compared to the past year, with 58% of data breaches associated with a vulnerability for which patch was available but not applied on time.

ServiceNow commissioned the Ponemon Institute to survey nearly 3,000 cyber security professionals across nine countries, Singapore, Japan, United States, France, Australia, Netherlands, Germany, New Zealand, and the United Kingdom. 

The study reveals that nearly 79 percent of firms did not have adequate staff to deploy security patches promptly to prevent a data breach.

The study further revealed that 72 percent of Singapore firms planned to hire more staff, an average of five additional staff members, dedicated to patching over the next one year. 

It might be especially critical, considering that 67 percent of respondents pointed to the lack of coordination between their teams. Another 69 percent of respondents in Singapore revealed that their teams could not take critical applications and systems offline to patch them quickly, while another 45 percent of respondents said that their teams struggled to prioritize the patching process. 

As a result, IT staff in Singapore spent an average of 10 days manually coordinating patching activities across their teams, though 49 percent of respondents said that manual patching processes placed them at a significant disadvantage with regards to patching vulnerabilities.

Nearly 60 percent of respondents in Singapore believed that cyber attackers currently were ahead of their businesses in their use of technology, such as AI and Machine Learning. Some 80 percent of respondents revealed that deploying automation tools to patch vulnerabilities helped them respond more quickly.

Meanwhile, respondents in Japan seemed to have a more difficult time coping with security patches, with 99 percent of Japanese respondents stating that their teams lacked sufficient resources to keep up with the volume of security patches. 

The study further revealed that IT staff in Japan lose an average of 13 days manually coordinating with other relevant teams before a security patch was applied. 

Globally, respondents reported a 34 percent increase in weekly costs spent on patching compared to the last year. Plus, 30 percent more downtime vs. 2018, due to delays in patching vulnerabilities. 

There is also a 17 percent increase in the volume of cyberattacks in the last 12 months compared to the same timeframe the previous year. Plus, there is a nearly 27 percent increase in cyberattack severity compared to 2018.

As per the study, automation tools offer a significant advantage in terms of being able to respond quickly to data breaches and effectively patch software vulnerabilities. Nearly 80 percent of respondents who employ automation tools said that they respond to software vulnerabilities in a shorter timeframe with the help of automation.

ServiceNow’s general manager for security and risk, Sean Convery, said: “Companies saw a 30 percent increase in downtime due to patching of security vulnerabilities, which hurts customers, employees, and brands. Many firms have the motivation to address this challenge, but struggle to leverage their resources for more impactful vulnerability management effectively. IT Teams that invest in automation tools and developing their IT and security team interactions will strengthen the security posture across their organizations.” 

Other findings of the ServiceNow study:

• Nearly 76 percent of respondents stated that they don’t have adequate resources to cope with the volume of security patches.
• Nearly 58 percent of respondents said that their data breaches are due to human error.
• Nearly 96 percent of firms in Singapore experienced a data breach over the past year, with 98 percent of firms expressing security concerns involving 5G network deployments and digital transformation initiatives.
• Nearly 88 percent of respondents stated that they must engage with other teams across their organizations, which results in silos that delay security patching by an average of 12 days.
• Annual spending on software patching and vulnerability management initiatives rose to $1.4 million, an increase of an average of $282,750 from 2018. 

With cybercriminals harnessing the power of new-age technologies such as AI and Machine Learning to break through advanced security systems, building the culture of security into the vision and values of all organizations is a must.