“Inspection” is a term that anyone who has had even a passing acquaintance with the military, police, fire department or paramedics understands. Cybersecurity inspection may not have you standing at attention at the door to the data center, but rest assured that a “bucket of oily rags” is something the safety folks would identify as a “must fix”. Believe it or not, vulnerability management, also known as patch management, can tell you whether you are at risk of a data breach inferno.
THE RIGHT FRAMEWORK FOR YOUR BUSINESS
Most enterprises have any number of technological solutions in place to provide those security capabilities at different levels of effectiveness. Effectiveness, efficiency and reporting on success and failure are vital. When it comes to vulnerability management, the capabilities have to go far beyond what native configuration and patch deployment solutions can provide. The solution is to evaluate and adopt the right framework for your organization. As an example, the NIST CSF (Cybersecurity Framework) recommends building security capabilities along “Identify”, “Protect”, “Detect”, “Respond” and “Recover”; this can be adopted as a foundational approach, with suitable tools built in alignment with the design aspects. Investment in a top-notch third-party solution or a specific patch management as a service (PMaaS) firm designed for real-time detection, enterprise-wide remediation and Zero-Touch deployment should be at the top of the list to give an enterprise proactive security.
‘The Australian Signals Directorate (ASD) assesses that implementing the Top 4 Strategies to Mitigate Cyber Intrusions will mitigate at least 85% of the intrusion techniques that the Australian Cybersecurity Centre responds to. For this reason, the Attorney General of Australia requires Australian government agencies to implement ICT protective security controls as detailed in the Australian Government Information Security Manual (ISM) to meet ASD's Top 4 strategies.’ (https://www.asd.gov.au/infosec/top-mitigations/top-4-strategies-explained.htm)
STRATEGIES TO COMBAT CYBERCRIMINAL INTRUSIONS
The ASD’s guidance prescribes 4 strategies to combat cybercriminal intrusions. Two of those four are related to Patching – Patch Applications and Patch the Operating System(s). It is very clear that in order to reduce the risk of a data breach, aggressive and timely patching is required.
‘Every server, workstation, network device, network appliance, mobile device, operating system and installed application needs to be kept up to date in order to ensure the security of an organization’s operating environment as a whole. A single unpatched machine significantly increases the attack surface of an organization’s environment, and this increase is multiplied as more machines are in a vulnerable or unknown state.’ (IBID)
When a worldwide threat such as WannaCry or NotPetya breaks out, an organization may need to deploy an emergency patch, sometimes within as little as 48 hours. Reaching thousands or even tens of thousands of endpoints requires a solution and a team that can scale to meet the demand. Depending on the virulence of the threat, priority patching of workstations or Internet-facing servers such as web, email and remote access may need to take place in hours.
PATCHING WITHOUT TESTING?
There is no question that patching without testing is risky. However, when confronted by the impact of a global ransomware worm, the question to ask is how much damage your organization can afford. In the cases of FedEx/TNT Global and Maersk Shipping, the damage was assessed at $300M for each company. Your business’ change management process for the testing, approval and deployment of critical security patches needs to move faster than these global threats.
Although the business may be somewhat uniform when it comes to operating systems, the suite of applications used in enterprises can number in the hundreds. Given that Java, Adobe Flash, Adobe Acrobat (PDF) Reader, Microsoft Office and web browsers from all the vendors are frequently targeted by exploits, these along with the operating system must also be patched quickly when a vulnerability is under active exploit.
Legacy applications (no longer vendor supported) and out-of-date applications drastically increase the level of risk to an organization. Keeping applications at the most current release provides security where it is needed the most – on user workstations which interact with the Internet. The ASD provides explicit guidance on application patching:
‘Timely patching of applications substantially reduces the potential for attacks to compromise an organization’s computing environment and should be considered as important as timely operating system patching.’