Don’t look at security through a single lens


According to Cisco’s Cyber Security 2017 report, almost half of system alerts cannot be investigated. Therefore, many software vulnerabilities continue to threaten the data security and reputation of enterprises. A comprehensive security policy, supported by automated vulnerability management, highlights exploits and raises awareness of vulnerabilities that pose risks.

We use a nice idiom in Turkish: “If the old times were in demand, the flea market would have won a lot.” In the same spirit, old applications that are usually not updated and no longer patched invite serious security vulnerabilities.

Security is one of the areas in which companies invest the most today. For this reason, many organizations work with numerous vendors and try to ensure the security of systems and applications with the most advanced technologies. However, today’s IT inventory consists of highly complex and demanding technologies. Organizations’ ability to fully achieve their security goals depends on optimizing security technologies.

Security patches are often perceived as solutions to problems, but things can get very complicated at times. For example, the WannaCry and NotPetya ransomware, which took advantage of vulnerabilities in Windows-based systems and of exploit data stolen from the NSA, followed a complex path to gain access to systems.

The dream of zero-bug software

Today, no application developer is likely to write software that has zero bugs and is 100 percent resistant to attacks. Like living beings, software has a period of maturity and decline. The longer the software serves, the more vulnerabilities it contains. These weaknesses appear after a certain period. Hackers who want to take advantage of vulnerabilities, or to test themselves, exploit system security.

Old software is a serious problem because, after a certain period, security patches are no longer released for it. Because of the magnitude of the WannaCry threat, Microsoft decided to release patches for older operating systems that are no longer supported. However, in a world of constant cyberattacks, it is not right to rely on updates for vulnerable legacy software.

With the WannaCry attack, many software products, such as Windows operating systems, were updated and fortified with patch support. Despite this, organizations still fell victim to NotPetya a month later. Possibly the patches only had an impact on a limited system environment, or the security teams could not deploy all patches on time. The trick here is not the availability of patches, but the necessity of applying them on time, quickly, and widely.

The same medicine for every disease! Not possible

Do patches always solve your security problem? No. For example, software patches do not protect against zero-day exploits. You may not be able to patch because you are running older systems. You might think that patching will break something in your environment. You may be right in your concerns.

You may need to block potentially problematic software with privilege management and application safelisting. Employees today tend to use some productivity-enhancing software on their computers. However, some of these apps may be the source of the problem. Therefore, this software must be included in the list of safe applications and must comply with the company’s licensing policy. Otherwise, complex applications will not only create security vulnerabilities but also increase desktop downtime and affect costs.

Half of the security alerts 

Even if the IT operations and IT security teams cooperate fully against cybersecurity attacks, sometimes the patches placed on the system may not yield the desired results. Perhaps there is no holistic protection, so a problem may arise somewhere in the system infrastructure.

According to Cisco’s 2017 Cybersecurity Report, 55 percent of security professionals work with at least six security technology vendor brands. While many security brands address different needs, attackers do not sit idly by. They can take advantage of various incompatibilities and loopholes in the security shield.

Security teams don’t spend a lot of time investigating which alerts are critical and why. Organizations that invest in the necessary human resources and tools are a little luckier against the numerous attacks that take place every day. However, according to Cisco’s report, almost half of the system alerts cannot be investigated. Therefore, this phenomenon continues to threaten the information security and reputation of organizations as a significant risk. A comprehensive security policy, supported by automated vulnerability management, highlights application vulnerabilities and raises awareness of vulnerabilities that pose risks.
