Patch management is necessary because of the sheer number and complexity of systems to be patched, variations in the patches themselves and the complexity of orchestrating downtime in big organizations. Expert estimates on the number of new vulnerabilities revealed in 2018 ranged from 16,555 to 22,022. Cybercrime could cost businesses $5.2 trillion over the next five years, according to Accenture. Just 27 percent of cybersecurity teams surveyed in a recent white paper said patch management is a strategy for defending against cyberattacks.”]
Source: https://securityintelligence.com/articles/the-art-of-patch-management/