
5 Risks Of Outdated Software, Browsers, & Operating Systems

Joel Alcon | August 14, 2017

If more than half of an organization's endpoints are outdated, its chances of experiencing a breach nearly triple.

These findings underscore the seriousness of the risk posed by outdated software, browsers, and operating systems. The fact is, failing to update your software doesn’t just mean you won’t have the latest version—it means you could expose your organization to major security vulnerabilities.

Here are five risks your organization may incur if its systems aren’t kept up to date.

5 Risks Of Outdated Or Unsupported Software, Browsers, & Operating Systems

1. Ransomware

One of the major risks of outdated systems is a ransomware attack. After the WannaCry outbreak—which hit more than 160,000 computers around the world—BitSight researchers found that more than 67 percent of the computers affected by WannaCry were running Windows 7. You can read more about WannaCry’s global impact and the implications therein in this article.

2. Business Disruptions

Devices connected to your network could be more integral to your business than you think—which means that a virus on such a device could cause a major business disruption. The potential for this may be largely based on industry. For instance, if you’re in the healthcare sector, updating a particular device’s operating system could break the system. Consider this: if an MRI machine is running an outdated operating system and becomes infected with a worm, it could cause a major disruption that impacts your business.  

3. Third Party Risk

While it’s critical to look within your organization for outdated systems, it’s just as important to assess your third parties. For example, if one of your vendors manages critical data for your business and accesses your network using an outdated browser, that vendor could be inadvertently exposing your (or your customers’) data to risk.

This is where BitSight can help. Traditional questionnaires and other third-party assessments may give you an idea of how your vendors operate, but it’s difficult to verify the accuracy of this information. Security Ratings use externally observable data to determine if your vendors are using outdated endpoints, so you can be sure that your data remains safe and secure.

4. Outdated Mobile Device Risk

It’s inevitable: The more your business grows, the more employees you have—and the more mobile devices get connected to your network. If one of these mobile devices is running on an outdated operating system or using an outdated browser, the security of your corporate network is weakened. You must establish a continuous monitoring strategy to ensure that your employees are not using outdated mobile devices to access critical information on your network. Furthermore, you can use solutions like BitSight to gain insight into the mobile device versions used by third parties with access to your company’s critical data.

5. Internet Of Things Risk

As more IoT devices are created and connected online, monitoring the version of their operating systems will become increasingly important. In fact, in August 2017, a bipartisan group of senators introduced legislation addressing internet-embedded objects (known collectively as the Internet of Things, or IoT). According to Reuters, “The new bill would require vendors that provide internet-connected equipment to the U.S. government to ensure their products are patchable and conform to industry security standards. It would also prohibit vendors from supplying devices that have unchangeable passwords or possess known security vulnerabilities.” Whether or not this bill passes, its very creation highlights how critical the problem of outdated software and systems has become.

Download A Growing Risk Ignored: Critical Updates

As indicated in the five risks outlined above, the criticality of updates cannot and should not be ignored. That’s why BitSight’s team of data researchers examined more than 35,000 companies from over 20 industries around the world to find correlations between outdated software (as well as browsers and operating systems) and data breaches over the last year. Download this BitSight Insight Report today to learn more and keep your organization protected.
