A study by security ratings service BitSight uncovered a correlation between businesses running outdated operating systems (OSes) and browsers on their computers with a higher risk of data breach incidents. Those running outdated OSes were three times more likely to be breached, while those with outdated browsers were twice as likely.
The OSes and browsers, however, are not necessarily points of attack. Rather, they are profile indicators of victim organizations. Those who are lax in updating systems tend to not take a disciplined approach to security.
Significantly, approximately 20 percent of computers in the study were running Windows Vista or Windows XP in March; two months later, the WannaCry ransomware worm was let loose, which targeted Windows machines. More than 95% of WannaCry ransomware victims were Windows 7 machines, according to Kaspersky Lab.