Researchers have found that companies take an average of 30 days to close known vulnerabilities and that many others delay the installation of updates for several months. This is alarming given that more than 230,000 malicious programs appear every day. At the same time, researchers have also found that a major of companies (56%) could have avoided falling victim to cybercriminals if they had simply installed necessary updates on time. The slow responsiveness to closing known vulnerabilities and installing updates is the result of four main things: (1) a lack of qualified specialists, (2) ineffective business procedures, (3) difficulty in prioritizing updates and (4) the complexity of installations. As the need to close vulnerabilities and install updates is not likely to change anytime in the near future, there are a few measures organizations can take to reduce the likelihood that they will become a victim: conduct basic cyber defense courses, automate the installation of patches and invest in cybersecurity.