2020 CYBER HYGIENE REPORT:
What You Need to Know Now

Download the 2020 Cyber Hygiene Report – based on surveys from 560 IT operations and security professionals across 15 industries – to discover the latest real-world trends, best practices, and recommendations about effective cyber hygiene.

Download full report

Cyber Hygiene Report
Key findings
Key findings
Executive Summary
Executive Summary
Video overview
Video overview

Key Endpoint Security Insights

4 in 5 enterprises report experiencing a data breach in the past two years

4 out 5 enterprises
missing patches

Missing patches and configurations are center of data breaches.

Missing OS patches cited as #1 technical attack surface exposure to cause a data breach.

enterprise

Enterprises are not patching fast enough, especially when it comes to zero-days.

59 percent agree that their processes and tools do not enable them to respond quickly enough to cyber threats.

workforce

The modern workforce presents a cyber hygiene dilemma.

Enterprises cite basic issues like the ability to see and patch remotely located and mobile devices as key inhibitors to effective cyber hygiene.

automate

Higher levels of automation are associated with better cyber hygiene.

Organizations with fully automated endpoint patching and hardening are outperforming others in speed and frequency of hardening.

Read executive summary

Cyber Hygiene in the Real World

Most IT professionals are aware that endpoint patching and hardening are basic functions that enterprises must master to provide effective cybersecurity. Most are also aware that there is a lot of room for improvement in the way their own organization performs these functions.

But most IT professionals admit that they don’t have a good feel for exactly how important endpoint patching and hardening are relative to other security controls, how well most enterprises are handling them now, and what are the most common problems enterprises have in performing them.

This report sheds light on those questions using data from a survey of 560 IT operations and security professionals at enterprises with between 500 and 25,000 employees, across more than 15 industries and at government agencies.

Our goal is to help readers benchmark the performance of their organizations against peers and develop insights into how to make improvements that will pay off.

Why should IT professionals care about improving cyber hygiene? Because it can help IT organizations address three major objectives:

  • Reducing risk - endpoints that are quickly and effectively patched and hardened are much less vulnerable to compromise and much less likely to be involved in data breaches.
  • Lowering cost - streamlining and automating patching and hardening can dramatically improve the productivity of IT operations and security operations (SecOps) personnel, reduce the number of alerts that teams have to investigate, and free staff to handle other critical operations and security work.
  • Accelerating business innovation - faster, more reliable processes for patching and hardening, and extending those processes to new technology areas, enable enterprises to quickly and confidently take advantage of innovations in areas like mobile computing and cloud platforms.
“We are unquestionably in the midst of a major patching crisis. As the modern workforce continues to evolve and grow at unprecedented rates, organizations may find it impossible to keep up. Re-thinking endpoint security needs to happen today. The speed and frequency in which organizations remediate vulnerabilities has quickly become an essential part of reducing risk across the enterprise.”
Jay Prassl
CEO and Founder | Automox

Get the full report

Download the 2020 Cyber Hygiene Report for the complete insights on what you can do now to better protect your corprate endpoints in the future.

Cyber Hygiene Report

What is Cyber Hygiene?

According to the Center for Internet Security (CIS), cyber hygiene is a set of baseline practices to proactively protect organizations from cyber threats.

The CIS provides a list of basic cybersecurity best practices for reducing the attack surface of enterprises and protecting information assets. The first six controls focus on eliminating vulnerabilities on endpoints (mobile devices, laptops, servers, and workstations), especially through automated patching and the detection and remediation of misconfigurations.

Adoption of the first six controls has proven to deliver a highly effective and efficient level of defense against the majority of real-world attacks and provide the foundation for dealing with more advanced attacks. Effective cyber hygiene helps IT organizations address three major objectives:

Reducing risk – knowing what you need to protect allows faster, more effective response to patching and hardening endpoints before adversaries can exploit known vulnerabilities.

Lowering cost – greater efficiencies in patching and hardening endpoints means less time investigating alerts, freeing IT operations and SecOps personnel to invest more time handling other critical operations and security work.

Accelerating business innovation – faster, more reliable processes for patching and hardening, and extending those processes to new technology areas, enables organizations to scale their businesses rather than stagnate in legacy architectures.

Advantages of a Cyber Hygiene Platform

Cyber hygiene platforms are designed to systematize and automate many of the tasks that go into patching and hardening endpoints. That includes automating and managing processes that:

  • Provide visibility into all the endpoints in the enterprise and maintaining a complete inventory of the software on them
  • Identify missing patches for operating systems and both approved and unapproved application software
  • Identify misconfigurations and compliance issues
  • Deploy and install software on endpoints
  • Run scripts to fix configuration issues
  • Ensure reliable patching and hardening of systems used by remote users and global workforces
  • Provide reporting and documentation showing that patching and hardening activities are being carried out in compliance with regulations and corporate policies

The best cyber hygiene platforms extend these processes not only across data centers and corporate offices, but also to remote locations and cloud platforms. They handle applications deployed in containers and virtual environments across multiple operating systems.

Ultimately, these capabilities can enable IT organizations to succeed in reducing risk, lowering cost, and accelerating business innovation.

Why is Automox better?

Simple, agile way to patch all your corporate endpoints

Our cloud-native cyber hygiene platform allows you to better manage and secure all your endpoints, including remote or roaming devices. No VPN required.

Automox patches automatically every time a device connects to the Internet. You can remediate patch vulnerabilities, deploy required software, and fix misconfigured systems without the need for multiple tools.

River one
River two

Patch faster, more frequently with automated cyber hygiene

Automation is vital to hardening your endpoints faster than adversaries can exploit vulnerabilities. Only Automox lets you automate any task that can be scripted on any endpoint, regardless of location or domain.

With Automox Worklets™, you can automate and enforce any scriptable action on endpoints, from software deployment to enforcing local configuration policies.

Reduce complexity by eliminating on-premises patch servers

The majority of today’s cyber hygiene solutions require on-premises hardware for each location, which demands constant versioning maintenance as vendors release new features and bug fixes.

As a completely cloud-native endpoint hardening platform, Automox does not require any on-premises hardware, so you can focus more time and energy on doing what matters for the business.

River three

Automox ranked the best cloud-native, cross-platform solution for patch management.

According to the Winter 2020 G2 Patch Management Report, real customers ranked Automox as the highest rated cloud-native solution vs. other leading solutions. And more.

High Performer Winter 2020
High PerformerCustomers get up and running with Automox faster than any other tool.
Fast Implementation Winter 2020
Fastest ImplementationAutomox wins in ease of setup, implementation time, user adoption, and more.
Easiest to do Business with Winter 2020
Easiest To Do Business WithCustomers rank Automox as the easiest partner to work with.

You’re in good company

“We needed a solution that was cloud-based, served our multi-OS environment, and gave us the right mix of automation and control needed to configure/customize a variety of end users. Automox just worked."

Jonathan Sibray, Senior IT Director at University of Colorado Law School

You’re in good company

“I can hands-down recommend Automox for anyone working with modern development today."

Chris Borte, Director of IT and DevOps at InsideTrack

You’re in good company

“We needed a simple, single point of management which Automox nailed. The time savings has been massive."

Jared Haggerty, CEO of Databerry

You’re in good company

“We can now automatically patch any device on any operating system, from any location."

Corey Dolan, IT Technician at Tekside.iO
The data included on this web page is of a general nature only and was accurate as of October 23, 2019. The data is intended, but cannot be guaranteed, to be always up-to-date, complete and accurate. By using this website, you agree to these exclusions and limitations of liability.