We Need to Talk About… Patching

The ONE conference presentation by Lokke Moerel and Michel van Eeten on patching is now available online. The dialogue session with various security experts, including KPN CISO Vladimir Cibic and NN CISO Floor van Eijck, highlighted significant gaps in corporate patching practices, revealing that known vulnerabilities remain a leading cause of data breaches. The session incorporates findings from a THESEUS interview study that found a significant gap between patching policies and practice, noting that organisations are often not able to patch within timelines they set themselves. You can find the details here, while the recording of the sessions is available below: