The Five Controls of Cyber Essentials – 3 – Patch Management

The Five Controls of Cyber Essentials – 3 – Patch Management

Keeping your devices and software up-to-date is essential regardless of whether you have gained the Cyber Essentials Accreditation or not. The potential ramifications of using outdated software could be disastrous, and cyber criminals could do irreparable damage to your computer systems. It is very important to keep both work and home devices up-to-date; just because your devices are at home does not mean they are immune to attacks or problems – if anything, they are more vulnerable!

Yes, the updates that manufacturers release are for us to enjoy the new features that they have added, but what most don’t know is that their main function is to fix any security vulnerabilities that have been discovered in their systems. There is little that is more important than doing these updates when it comes to the security of your device; setting them to automatic wherever possible is recommended.

Some do not know that all IT has a lifespan; when a device gets old it can reach the end of its life. With technology ever-evolving, we are constantly finding new ways to get the most out of our tech and be as secure as possible.

Malware, however, is also forever evolving to develop new methods of combatting our defences wherever possible. Therefore, updates need to be as regular as possible. Admittedly, they are often more regular than you might want them to be but with the constant evolution – that is unlikely to slow down any time soon – it is of the utmost importance to do them as soon as possible. If your device is no longer supported by updates, you should consider a modern replacement immediately. Be sure that it is backed up by the manufacturer to be sure that you are cyber safe.



Vulnerabilities (Security flaws) can be found in any device that runs software. These are what cyber criminals are looking for, and they move quickly to take advantage of these vulnerabilities, attacking computers and networks often for financial gain. Fixing these vulnerabilities in your computer systems is essential to the security of your IT landscape.


Cyber Essentials – The requirements

You must install updates within two weeks of their release date if the vendor describes the patch for fixing the flaws as ‘critical’ or ‘high’. Your software must be up-to-date wherever possible; it must also be licensed and supported. Take care to remove software from devices immediately as soon as it is no longer supported.


Cyber Essentials – The Objective

Ensure that devices and software are not vulnerable to known security issues for which fixes are available.


Helping you achieve cyber Security in your organisation

Our team of experts will help you achieve cyber security in your business. We cannot stress enough that security is not a luxury but an essential part of protecting any business in the digital age – that is why we take a security-first approach. With the Cyber Essentials Accreditation, you can be sure that you have the infrastructure in place to guarantee a secure future for your business. We will educate your employees to guarantee they are doing their utmost toward protecting the security of your organisation. We go above and beyond in helping our clients and their teams get more value from their technology by providing education. We guarantee that our clients always come first, and employ a straightforward approach that provides a strong relationship between our team and yours. Contact us now and find out how we can help your business both to achieve the Cyber Essential Accreditation and to work securely when online.