An analysis of 35,000 companies from more than 20 industries across the world showed that many of them are at risk of suffering a data breach due to their failure to ensure that the software running on their computers is up to date.
The study conducted by cybersecurity ratings company BitSight focused on Apple and Microsoft operating systems, and the Firefox, Chrome, Safari and Internet Explorer web browsers.
The research showed that more than 50 percent of computers in over 2,000 organizations run an outdated version of the operating system, and over 8,500 companies have failed to update Web browsers on more than half of their machines.
Looking at each of the analyzed industries, BitSight found that the education and government sectors had the highest usage rate of outdated operating systems and browsers. Nearly 40 percent of computers used in the education sector and more than 25 percent of devices in the government sector had been running outdated operating systems, particularly outdated versions of Mac OS.
The fact that public sector organizations have done a poor job at protecting their systems is not surprising, and even U.S. President Donald Trump called for government agencies to take measures in his recent cybersecurity executive order.
At the other end of the chart we have the legal and energy sectors, which had the fewest devices running outdated software.
“Given that the Energy sector provides critical infrastructure services, organizations in this sector should maintain their proactive approach to security,” BitSight said in its report. “Despite its top performance, researchers found that more than 120 companies in this sector were running out-of-date or unsupported operating systems and more than 400 companies were observed to have greater than 33 percent of Internet browsers out-of-date. This represents a gap in security and presents an opportunity for hackers to exploit weaknesses in this critical sector.”
As for how long it takes organizations to apply patches, BitSight determined that it takes most companies, on average, more than a month to update to the latest version of macOS Sierra. Researchers found that in late March, over two months after version 10.12.3 was released, roughly 40 percent of firms had still been using an older version.
In the case of Windows, more than 60 percent of analyzed PCs were running Windows 7 or earlier, including XP and Vista, which no longer receive updates from Microsoft.
Related Reading: DHS Used Outdated, Unpatched Systems
Related Reading: Overwhelming Majority of Android Devices Don’t Have Latest Security Patches
