Introducing the State of Enterprise Linux Security Report

As regulations around cyber security tighten and the risks increase, have you ever wondered how your company’s IT processes rank compared to others? Are you patching your systems on time, or one the majority of organizations that take upwards of a month to deploy patches for known vulnerabilities?

As cyber security concerns become more prevalent and threat actors get more sophisticated, it has never been more important to be aware of the current State of Enterprise Linux Security Management. After a successful publication last year of our report on vulnerability management, TuxCare has worked with the Ponemon Institute to develop an updated version, providing a more in-depth understanding of the security risks and mitigation strategies currently in place for Enterprises. Just as the risks are global and can potentially affect every organization, sharing knowledge of how companies deal with security can provide the insights needed to develop and implement the correct strategies – or identify areas where your organization may be lacking and doesn’t even realize it.

Some of the findings were truly unexpected. In an industry where vulnerability awareness is a foundational process, and the response to such vulnerabilities is patching, it was impressive to discover that over 56% of organizations take more than four weeks to deploy patches for known important or critical vulnerabilities. This would be a worrying sign at the best of times, but it is even more important to consider in the current cyber security environment. What steps can be taken to improve this situation? Leaving systems unprotected for such a long period of time invites disaster.

Also, it is remarkable that about a third of organizations are not aware that the security of cloud-hosted systems is still their responsibility. This gap can induce a false sense of security and contribute to a large proportion of systems being left in a security limbo, where the only people looking at them are the threat actors.

On a more positive note, the rise of automation is indeed moving from the headlines to the actual day-to-day activities of IT teams. The standardization and repeatability of processes that come with it is a boon that would be hard to achieve with manual operations.

For these and many other interesting aspects related to Enterprise Linux Security, be sure to check the complete report, which you can find HERE.