Of all the risk factors in the InfoSec domain, vulnerabilities are probably the most discussed, tracked, and assessed over the last 20 years. But how well do we really understand them? Their link to security incidents is clear enough after the fact, but what can we do before the breach to improve vulnerability management programs?

A patch deployment strategy focused on coverage and consistency is far more effective at preventing data breaches than “fire drills”. Patching your systems as soon as patches are released is the strategy that avoids the last-minute rush to get it all done. That rush leaves no room for error, is stressful on your teams, and is difficult to schedule, and its impact on your customers and testing can be unpredictable and disruptive. Did you know that “More than 80 percent of all publicly known exploits have patches available on the day of the vulnerability’s public disclosure”? It is crazy that we continue to be relaxed about preventing a security incident or a data breach.

What is the difference between an incident and a breach?

Security incident: Any event that compromises the confidentiality, integrity, or availability of an information asset.

Data breach: An incident that resulted in confirmed disclosure to an unauthorized party.

Verizon recently released a report on 2015 data breach investigations: “We found that 99.9% of the exploited vulnerabilities had been compromised more than a year after the associated Common Vulnerabilities and Exposures (CVE) was published.” The study also showed CVEs from the last 15 years, and many of them are still around, meaning that any vulnerability management program should cover the older CVEs, not just the most recent. In fact, a remediation strategy is the only way to prevent these old CVEs from affecting your systems, because hackers will continue to use the oldies as bait as long as they get bites.

Effective vulnerability management cannot be based on starting the patching “fire drill” only when a critical security vulnerability is announced. Even well-tuned Windows patching processes are not 100 percent effective, and non-Windows processes lag even further behind. To provide shielding, IT security departments need the ability to apply technologies to the network, servers and desktops; these include patch management, firewalls and intrusion prevention systems. Close coordination is needed among security, network, server, application and desktop operations groups to provide timely and effective shielding against vulnerabilities.

About Automox

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.
