Today, technology moves at a lightning pace. In almost every instance, this is great news for businesses and consumers alike. Each day, new solutions are coming available for businesses and new products are coming available for consumers. However, in some instances, the speed at which technology advances can present a real threat. This threat comes when hackers and cybercriminals are able to react more agilely to advances in technology and methodology than the businesses they are targeting. Already, this conundrum has created some major problems, and chances are it will create many more in the years to come.
The Case of Equifax
On Septemeber 7, 2017, Equifax – a consumer credit reporting agency – reported what will go down as the largest data breach in US history. The social security numbers of over 143 million users were compromised.
Meanwhile, 209,000 of those users had their credit card information stolen as well. Both Equifax and its users are still reeling from the fallout of this breach. Users are reporting having their income tax refund stolen, fake mortgages taken out on their homes, and a myriad of other devastating consequences. The damage to Equifax and their shareholders has been almost as painful, with Equifax stock falling over 25% since the breach. To make matters all the worse, this breach could have been avoided.
The security group The Apache Foundation said in a statement that, “The Equifax data compromise was due to (Equifax’s) failure to install the security updates provided in a timely manner.” The technology necessary to stonewall the hackers who breached Equifax already existed and was made available to the company. However, because they were relying on outdated security software, the hackers were able to break through.
Why do Companies Rely on Outdated Software?
Equifax is a huge company with plenty of resources. The fact that they would ignore a software update is, at first glance, almost baffling. However, Equifax is not alone. Across the country, companies of all sizes are relying on yesterday’s software to protect them from tomorrow’s threats. Why, though, is this the case?
One potential explanation is the fact that both the threats and the software meant to guard against them are evolving at a pace that is too fast for most companies to keep up with. The landscape of cybersecurity is vastly different today from what it was 12 months ago, and it will almost certainly be vastly different 12 months in the future from what it is today. Yet adapting at the rate that this landscape is changing is seen by far too many executives as being too much of a hassle and expense.
Of course, the hassle and expense of dealing with a devastating attack are far more crippling. Ask Equifax, who would probably pay almost any amount at this point to go back in time and update their software with the new version that was made available to them.
The second reason why far too many companies are relying on outdated software is a lack of awareness. Executives at these companies believe that if they download a quality security software that they will be protected for months and even years after the date that they download it without any extensive updates in-between. This, however, is simply not the case.
In the same way that a modern artillery round would sheer through medieval chainmail like it was hot butter, outdated security software is woefully incapable of protecting businesses against the threats that exist today, and it will be even less effective against the threats that are sure to come about in the near future.
Thus far, the good guys developing security software have done a remarkable job staying ahead of the bad guys developing malicious software, especially when you consider that the threat almost always comes into existence before the safeguard. However, these security software developers face an even bigger challenge in educating their customers about the importance of regular, sometimes extensive updates and patches. Until they are able to overcome this barrier, countless companies across the country, as well as the consumers that trust them with their sensitive data, are going to be at risk.
What You can do to Protect Your Business
The recent hack of Equifax serves as a sobering reminder about the importance of not relying on outdated software. However, it isn’t always easy to know when and how you need to update your security software. Companies such as Equifax have the advantage of relying on entire IT departments and outside consultants to tell them exactly what they need to do to stay secure. In this instance, they chose to ignore that information, but the fact is it was still available to them.
For small to medium-sized businesses (SMBs), though, this luxury may not be available. It’s one thing to know that staying updated and avoiding outdated software is a good idea. It’s another thing to know when your software needs updated, what specifically needs to be updated, and how those updates need to be made. Without a network of IT professionals advising you, the waters can quickly get muddied.
Thankfully, SMBs no longer have to wander around in the dark when it comes to their security. By working with outside consultants, businesses of all sizes can rest assured that they are staying updated with the best security software and protocols available – no extensive in-house IT department required.
Today, outdated software presents a real threat to a great many businesses, but thankfully it’s a threat that is easy to overcome with a little bit of preparation and effort. If you would like to learn more about how we can help you stay one step ahead of cybercriminals by employing the best security software and protocols as they become available, we invite you to contact us today.