In sport, we are familiar with the concept of the 'unforced error'. This is where a player loses a point as a result of a personal mistake, rather than the skill of their opponent. In tennis, this is typically where the player misjudges a shot and hits the ball into the net or out of court.
In cybersecurity, the two main unforced errors we come across on a regular basis are poor passwords and bad patching. While it’s possible for these kinds of oversight to seem insignificant, the truth is that they can have catastrophic consequences when the opposition (in this case a cyber criminal) takes advantage of the mistake.
Much has been written about poor password management with 'guessable' or frequently used passwords providing easy entry points for hackers. Patching, however, is equally important and perhaps less well understood.