Case Study: Large Manufacturing Company reduces ERP patching risk with RiskLens

Large Manufacturing Company Conducts Cost-Benefit Analysis of Shorter Patching Window

Large Manufacturing Company worked with RiskLens to address a patching risk challenge in its ERP environment. Auditors found that the actual patching window was longer than the company’s patching policy, creating exposure to confidentiality risks from advanced persistent threats against ERP and restricted data.

Using RiskLens’s FAIR-based risk quantification analysis, the company compared its current patching process with an improved 90-day patching window. RiskLens showed that reducing the window could lower average annualized loss exposure from $85.0M to $35.5M, a reduction of about $49.5M, while also cutting vulnerability from 80% to 25%. The results provided a risk-based rationale for clearing the patch backlog and aligning operations with policy.