Software updates and patches - the seat belts of IT security

You wouldn't drive without a seatbelt - so remember that software updates are the seatbelts of online security

THE number of people killed in road traffic collisions on our roads in the years up to and including 2009 was consistently above 100, and then in 2010 there was an unprecedented reduction in which fatalities fell by 55 per cent to 55. The figure fluctuated around this level until increasing to 79 deaths in 2014, and according to the PSNI, 74 people lost their lives on Northern Ireland roads in 2015.

Research on the Road Safety Observatory website (www.roadsafetyobservatory.com/KeyFacts/vehicles/seat-belts) stated that seat belts "are 50 per cent effective at preventing fatal injuries for drivers, 45 per cent effective at preventing serious injuries and 25 per cent effective at preventing minor injuries. For front seat passengers, seat belts are 45 per cent effective at preventing fatal injuries or serious injuries, and 20 per cent effective at preventing minor injuries".

Imagine how much higher that percentage of deaths and injuries would be if seat belts didn’t come with every vehicle; if every vehicle owner had to research and compare multiple seat belt solutions, select one, buy it, install it, and then ensure that it kept functioning and was up to date.

In light of the statistics above, would most vehicle owners decide to skip the expense and hassle and do without seat belts? That seems highly unlikely, given what is known about the increased risks of driving or sitting in a car without them.

But for a variety of reasons, none of which make logical or financial sense, many businesses and organisations still don’t invest in keeping their IT systems protected and, most importantly, in keeping that protection as up to date as possible.

Somehow, leaders at those organisations decide that it’s easier, cheaper, or both to continue doing business on systems that they know are unprotected or under-protected than to protect those systems adequately, even when they know the magnitude of the risk, and have witnessed peer companies suffer significantly and publicly from taking similar risks.

The process for keeping up to date with the latest software protection is often termed “patching”, and where effective IT security is concerned, the power of proactive patching processes (and the tools that support them) is difficult to overstate.

Last year Google published its research, based on a survey of 231 cyber-security experts and 294 “typical internet users”, about how they protect the data that matters to them. Among the experts, installing software updates was the top protection measure cited, ahead of strong passwords and two-factor authentication (an extra layer of security that requires not only a password and username but also something that only that user has on them, often required by many of our banks and building societies when banking online).

Some 35 per cent of the expert respondents listed software updates as important, compared with only two per cent of the non-experts, who focused instead on anti-virus software and strong passwords.

In many cases, effective patching is not only valuable, but essential for doing business. Many of us will be familiar with this concept when we’re asked to allow a Windows update on our PC or an Apple OS upgrade on an iPad; consumers just don’t refer to this as patching.

As Google said in its research mentioned previously: "Software updates are the seatbelts of online security; they make you safer, end of story. And yet, many non-experts not only overlook these as a best practice, but also mistakenly worry that software updates are a security risk."

On that security point, it is important that the patches you download are fully tested and inspected before you introduce them to the company’s network. For IT managers and departments, this challenge can be exacerbated by the need to support mobile, remote, or itinerant IT users.

Some security experts believe that 85 per cent of targeted cyber-attacks could be prevented by patching software applications and operating systems and by restricting administrative privileges on your organisation’s IT infrastructure.

Yes, patches can break things or disrupt user productivity. Sometimes patches even introduce new security vulnerabilities. But none of these justifies not patching in a timely, comprehensive and well-managed fashion.

:: Trevor Bingham (editorial@itfuel.com) is business relationship manager at ItFuel in Craigavon. Follow them on Twitter @itfuel.