Patch and Pray

Why Trust Techopedia

What Does Patch and Pray Mean?

Patch and pray is an approach to cybersecurity that has to do with responding to existing threats and hoping that the results will deter future attacks. It is a common strategy of businesses that do not have the resources to be more proactive about their security.

Advertisements

Techopedia Explains Patch and Pray

Essentially, many companies and other parties do not have the resources or the ability to develop foolproof cybersecurity plans. As a result, many aspects of their plans are based on reaction: when a data breach or other type of malicious attack happens, the company addresses it, does damage control and puts solutions in place to stop it from happening again.

The problem with this approach is that cyberattacks evolve and so should cybersecurity. Security experts are recommending proactive cyberintelligence gathering that helps companies to predict cyberthreats and guard against them, instead of waiting for them to happen. For example, the security community often identifies existing viruses, malware applications or cyberattacks, and distributes solutions to inoculate systems against them, much the same way that medical professionals distribute vaccines for illnesses. This is a type of “patch and pray” reaction.

Along with these kinds of strategies, government and private business leaders are now recommending the use of more comprehensive security systems, many of which involve encryption, data shielding, data masking or other methods that will render a number of cyberattacks less effective. One example is the use of comprehensive cloud encryption gateways to encrypt all data emerging out of an internal corporate network. This type of brokered security means that many different kinds of hacking attempts between the internal network and the cloud do not jeopardize corporate data, even if they are successful in hijacking data traffic.

Developing a protective cybersecurity regimen takes time and requires a lot of resources. However, the cybersecurity community is leaning toward this type of model, in order to safeguard valuable data against hackers and unauthorized cyberattackers.

Advertisements

Related Terms

Margaret Rouse
Technology expert
Margaret Rouse
Technology expert

Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret’s idea of ​​a fun day is to help IT and business professionals to learn to speak each other’s highly specialized languages.