“Inspection” is a term that anyone who has ever had even a passing acquaintance with the military, police, fire department or paramedics understands. Cybersecurity inspection may not have you standing at attention at the door to the data center, but rest assured that a “bucket of oily rags” would be something the safety folks would identify as a “must fix”. Believe it or not, vulnerability management, also known as patch management, can tell you if you have a risk of a data breach inferno.
THE RIGHT FRAMEWORK FOR YOUR BUSINESS
Most enterprises have any number of technological solutions in place to provide those security capabilities at different levels of effectiveness. Effectiveness, efficiency and reporting on success and failure are vital. When it comes to vulnerability management, the capabilities have to go far beyond what native configuration and patch deployment solutions can provide. The solution is to evaluate and adopt the right framework for your organization. As an example, the NIST Cybersecurity Framework (CSF) recommends building security capabilities along “Identify”, “Protect”, “Detect”, “Respond” and “Recover”; this can be adopted as a foundational approach, with suitable tools built in alignment with the design aspects. Investment in a top-notch third-party solution or a specialized patch management as a service (PMaaS) firm designed for real-time detection, enterprise-wide remediation and Zero-Touch deployment should be at the top of the list to provide an enterprise with proactive security.
‘The Australian Signals Directorate (ASD) assesses that implementing the Top 4 Strategies to Mitigate Cyber Intrusions will mitigate at least 85% of the intrusion techniques that the Australian Cybersecurity Centre responds to. For this reason, the Attorney General of Australia requires Australian government agencies to implement ICT protective security controls as detailed in the Australian Government Information Security Manual (ISM) to meet ASD's Top 4 strategies.’ (https://www.asd.gov.au/infosec/top-mitigations/top-4-strategies-explained.htm)
STRATEGIES TO COMBAT CYBERCRIMINAL INTRUSIONS
The ASD’s guidance prescribes 4 strategies to combat cybercriminal intrusions. Two of those four are related to Patching – Patch Applications and Patch the Operating System(s). It is very clear that in order to reduce the risk of a data breach, aggressive and timely patching is required.
‘Every server, workstation, network device, network appliance, mobile device, operating system and installed application needs to be kept up to date in order to ensure the security of an organization’s operating environment as a whole. A single unpatched machine significantly increases the attack surface of an organization’s environment, and this increase is multiplied as more machines are in a vulnerable or unknown state.’ (IBID)
When a worldwide threat such as WannaCry or NotPetya breaks out, the organization may need to deploy an emergency patch, sometimes as quickly as within 48 hours. Reaching thousands or even tens of thousands of endpoints requires a solution and a team that can scale to meet the demand. Depending on the virulence of the threat, priority patching may need to take place on workstations or Internet-facing servers such as web, email and remote access within hours.
PATCHING WITHOUT TESTING?
There is no question that patching without testing is risky. However, when confronted by the impact of a global ransomware worm, the question to ask is: how much damage can your organization afford? In the cases of FedEx/TNT Global and Maersk Shipping, the damage was assessed at $300M for each company. Your business’ change management process for the testing, approval and deployment of critical security patches needs to move faster than these global threats.
Although the business may be somewhat uniform when it comes to operating systems, the suite of applications used in enterprises can number in the hundreds. Given that Java, Adobe Flash, Adobe Acrobat (PDF) Reader, Microsoft Office and web browsers from all the vendors are frequently targeted by exploits, these, along with the operating system, must also be patched quickly when a vulnerability is under active exploitation.
Legacy applications (no longer vendor supported) and out-of-date applications drastically increase the level of risk to an organization. Keeping applications at the most current release provides security where it is needed the most – on user workstations which interact with the Internet. The ASD provides explicit guidance on application patching:
‘Timely patching of applications substantially reduces the potential for attacks to compromise an organization’s computing environment and should be considered as important as timely operating system patching.’