With so many data breaches in the news, organization everywhere are reviewing their cybersecurity programs to ensure they stay out of the headlines. Since many high-profile data breaches have been caused by unaddressed vulnerabilities for which patches were available, organizations are increasingly looking to deploy solutions to help close these gaps.
How does vulnerability management help prevent hacks?
This week, an article on Healthcare Info Security pointed me to the Department of Health and Human Services' Office for Civil Rights' latest monthly newsletter which reminded HIPAA-covered healthcare organizations that software patching was a critical step in securing their networks and offered some advice about the tools and processes to implement. As the article points out, the advice applies to nearly all organizations, not just those in the healthcare sector, but it can be difficult for organizations to put into practice.
It was reported yesterday that Adobe has once again issued a critical patch for it’s Flash Player browser plugin due to a vulnerability that is being actively exploited to deploy malicious software. We’ve written before about the dangers of Flash and even Adobe has announced it will end support for the software at the end of 2020. However, while many security-minded professionals have heeded the advice to remove or enable click-to-run for this plugin, others have not. Many organizations still rely on websites and software that utilize the plugin for needed functionality and can’t simply remove the software entirely.
Software patches provide a critical role beyond providing reminders to end users. Their purpose is to fix bugs and vulnerabilities that are present and to create a safer, more secure computing environment. Applying these patches is critical for organizations to reduce the risk of data breaches or compromise; however, due to the sheer number of patches or vulnerabilities that are found, it is often difficult for organizations with even moderately complex environments to perform this function.
So often the cause of the major breaches we see in the news is failure by the organization to patch a software vulnerability for which a patch has long been available. Hackers know organizations often lag months or longer on installing available patches and they take advantage of these gaps in your security to gain access and cause harm. Oftentimes this lag is because the organizations do not have the time, resources, or technology needed to effectively identify vulnerabilities and implement the necessary remediation.
If you watched Zuck testify in Congress in early April 2018, you could feel the nation’s mindset around security and data privacy shifting in a positive direction. The people not in the security community learned that even when they think they’re protecting their data, they’re not. They might be asking themselves, what can I do to protect my data online? Delete my Facebook? Throw my cell phone into the abyss? Close my bank account? Then, you realize, we’d be lost without these life lines.
One of the best ways to reduce risk quickly is to identify and remediate vulnerabilities across your network devices. And a vulnerability scanner can be a terrific way to seek out vulnerabilities lurking in your infrastructure. But how do you create a plan to scan your network devices regularly as new vulnerabilities continue to emerge, and what do you do with the scan results? A vulnerability scanner can be a great tool when you take the time to use it to its fullest. But all too often this type of software goes unused or underused because time isn’t easy to come by in most security organizations.
If you’ve been paying attention to cybersecurity, it’s very likely you’ve seen news regarding Github’s survival of the largest DDOS attack recorded in history. Clocking in at 1.3 TBPS (terabytes per second) it’s impressive that their network didn’t tank. This is in part due to the services of Akamai who was able to successfully proxy and scrub the network traffic.
With the Center for Internet Security (CIS) set to launch version 7 of the CIS Controls (formerly the SANS Critical Security Controls) this March 19th, it’s a great time to review your cybersecurity posture and make sure you’re keeping pace. The latest update is expected to make minor changes that reflect the changing security landscape. While prioritization of the controls may change, it’s unlikely that many of the core controls will change substantively.
This week, Cygilant announced its latest service available via the SOCVue Security Operations and Analytics Platform – Unified Vulnerability and Patch Management. Why is this unique and why is it important?