Study: Security nightmare: 27% of US enterprises take months to install vital security updates

  • 45% of businesses with over 100,000 computer terminals wait at least a month before installing vital security updates
  • 37% of IT managers see failure to install updates as the biggest security threat of 2018
  • Outdated software is now a bigger threat than password vulnerabilities, BYOD and unsecured USB sticks

Bend, OR – August 22, 2018 – In the wake of multiple mega-cybersecurity breaches earlier this year targeting companies like Facebook and Panera, a new study by enterprise content delivery company Kollective is all the more startling:  More than a quarter (27%) of enterprise IT departments in the US are forced to wait at least a month before installing vital security updates, due to budgetary restraints and overly complex infrastructures. That’s according to Kollective’s new ‘State of Software Delivery’ report which examines the software testing and distribution bottlenecks throughout large organizations.

The report incorporates research from 260 IT managers, leaders and decision makers and highlights how the network security of US businesses is failing to meet industry expectations. These failings are especially common among large organizations – with 45% of those with more than 100,000 computer terminals waiting at least a month before installing vital security updates.

The failure to rapidly deploy and install security updates is placing businesses at greater risk of a targeted cyberattack, as hackers look to exploit the vulnerabilities of outdated systems. Kollective’s report also found that 37% of IT managers list ‘a failure to install updates’ as the biggest security threat of 2018. This makes outdated software a bigger threat than password vulnerabilities (33%), BYOA / BYOD (22%) and unsecured USB sticks (9%).

Even more startling, 13% of large businesses have given up on actively managing software distribution, and are, instead, passively asking employees to update their own systems.

Kollective blames the failure to install updates on a combination of slow testing procedures and an inability to distribute updates automatically at scale. As Dan Vetras, CEO of Kollective explains: “Following numerous corporate cyberattacks over the last 12 months, today’s businesses are spending more than ever before on enhancing and improving their security systems. But, this investment is wasted if they aren’t keeping their systems up-to-date.

“While it’s obviously important for IT teams to spend time testing new software and updates before rolling them out, our research has found that many of the delays in software distribution aren’t because of testing, but rather a lack of infrastructure. Poorly constructed networks mean that, even those companies that have made a significant investment in security software, are still leaving their organizations vulnerable to attack. With a growing number of applications being left out of date, today’s businesses are creating their own backdoors for hackers, botnets and malware to attack.”

To find out more about the role of software delivery in enterprise networks and security, download Kollective’s State of Software Report.

Über Kollective

At Kollective, we make corporate networks smarter so your people can work better. The Kollective platform scales existing IT infrastructure to accelerate content delivery to the edge of the enterprise while minimizing network congestion. From live town hall meetings, global presentations and on-demand video training, to major operating system updates and the delivery of critical patches, Kollective keeps your network secure without impacting critical business applications.  We are a passionate team of experts that work by your side every step of the way. With Kollective it’s as easy to reach a device on your network across the world as it is to reach one in the cubicle next door.

Media Contacts

Sammy Browning / Ross Jones
Wildfire PR
+44 20 8408 8000