A cybersecurity analyst at a large e-commerce company is reviewing the latest vulnerability scan report for the production environment. The report flags several critical vulnerabilities on the primary order-processing server. The analyst confirms that patches for these vulnerabilities have been available from the vendor for over a month. However, the system administration team has not applied them and has formally accepted the risk for the current quarter. Given the critical function of this server and the company's high-volume sales, which of the following is the MOST likely inhibitor preventing the remediation of these vulnerabilities?
Budget constraints for new security tools
Business process interruption
The presence of redundant systems
The use of legacy systems that cannot support new patches
The correct answer is Business process interruption. Organizations are often hesitant to apply patches that might disrupt critical business operations, especially for systems that require continuous uptime. In this scenario, the order-processing server is crucial for the e-commerce company's sales, and any downtime for patching could lead to significant revenue loss. The presence of redundant systems is a facilitator, not an inhibitor, for patching. Budget constraints for new tools are irrelevant as the patches are already available. The use of legacy systems is a plausible inhibitor, but the scenario implies the system is patchable, making the interruption of business the most direct and likely reason for the delay.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why do business process interruptions prevent organizations from applying patches?
Open an interactive chat with Bash
How can organizations mitigate the risks of patch delays due to business process interruptions?
Open an interactive chat with Bash
What tools or frameworks can help in managing patches without causing significant business disruption?