“Inspection” is a term that anyone who has ever had even a passing acquaintance with the military, police, fire department or paramedics understands. Cybersecurity inspection may not have you standing at attention at the door to the data center, but rest assured a “bucket of oily rags” would be something the safety folks would identify as a “must fix”. Believe it or not, vulnerability management, also known as patch management, can tell you if you have a risk of a data breach inferno.
THE RIGHT FRAMEWORK FOR YOUR BUSINESS
Most enterprises have any number of technological solutions in place to provide those security capabilities at different levels of effectiveness. Effectiveness, efficiency and reporting on success and failure are vital. When it comes to vulnerability management, the capabilities have to go far beyond what native configuration and patch deployment solutions can provide. The solution is to evaluate and adopt the right framework for your organization. As an example, the NIST CSF (Cybersecurity Framework) recommends building security capabilities along “Identify”, “Protect”, “Detect”, “Respond” and “Recover”; this can be adopted as a foundational approach, with suitable tools built in alignment with the design aspects. Investment in a top-notch third-party solution, or in a specific patch management as a service (PMaaS) firm, that is designed for real-time detection, enterprise-wide remediation and Zero-Touch deployment should be at the top of the list to provide an enterprise with proactive security.
‘The Australian Signals Directorate (ASD) assesses that implementing the Top 4 Strategies to Mitigate Cyber Intrusions will mitigate at least 85% of the intrusion techniques that the Australian Cybersecurity Centre responds to. For this reason, the Attorney General of Australia requires Australian government agencies to implement ICT protective security controls as detailed in the Australian Government Information Security Manual (ISM) to meet ASD's Top 4 strategies.’ (https://www.asd.gov.au/infosec/top-mitigations/top-4-strategies-explained.htm)
STRATEGIES TO COMBAT CYBERCRIMINAL INTRUSIONS
The ASD’s guidance prescribes 4 strategies to combat cybercriminal intrusions. Two of those four are related to Patching – Patch Applications and Patch the Operating System(s). It is very clear that in order to reduce the risk of a data breach, aggressive and timely patching is required.
‘Every server, workstation, network device, network appliance, mobile device, operating system and installed application needs to be kept up to date in order to ensure the security of an organization’s operating environment as a whole. A single unpatched machine significantly increases the attack surface of an organization’s environment, and this increase is multiplied as more machines are in a vulnerable or unknown state.’ (IBID)
When a worldwide threat such as WannaCry or NotPetya breaks out, the organization may need to deploy an emergency patch, sometimes as quickly as within 48 hours. Reaching thousands or even tens of thousands of endpoints requires a solution and a team that can scale to meet the demand. Depending on the virulence of the threat, priority patching may need to take place on workstations or Internet-facing servers such as web, email and remote access within hours.
PATCHING WITHOUT TESTING?
There is no question that patching without testing is risky; however, when confronted by the impact of a global ransomware worm, the question to ask is how much damage your organization can afford. In the cases of FedEx/TNT Global and Maersk Shipping, the damage was assessed at $300M for each company. Your business’s change management process for the testing, approval and deployment of critical security patches needs to move faster than these global threats.
Although the business may be somewhat uniform when it comes to operating systems, the suite of applications used in enterprises can number in the hundreds. Given that Java, Adobe Flash, Adobe Acrobat (PDF) Reader, Microsoft Office and web browsers from all the vendors are frequently targeted by exploits, these along with the operating system must also be patched quickly when a vulnerability is under active exploit.
Legacy applications (no longer vendor supported) and out-of-date applications drastically increase the level of risk to an organization. Keeping applications at the most current release provides security where it is needed the most – on user workstations which interact with the Internet. The ASD provides explicit guidance on application patching:
‘Timely patching of applications substantially reduces the potential for attacks to compromise an organization’s computing environment and should be considered as important as timely operating system patching.’