CYBER-ATTACKS, VULNERABILITIES AND HOW PATCH MANAGEMENT CAN HELP YOU


What would happen if a hacker breaks into your systems, alters or steals your information, or leaves your users without access to essential services?

The probability of this happening is high if we consider that:

● Two out of three companies suffered a cyber-attack last year[1].

● A hacker could break into 93% of companies[2].

● There are more than 170,000 vulnerabilities and more are added every year[3].

“Patch management doesn’t just fix bugs, or improve usability or performance; it addresses known security vulnerabilities.”

How to protect yourself?

To secure your systems, you need a defence-in-depth or layered strategy, which includes the design of secure architecture, risk management, a business continuity plan, and incident monitoring and response.

Patch management is one of the most important and effective security countermeasures that you can apply to eliminate vulnerabilities in your systems.

Vulnerabilities and patches

Cyber-attacks, which take advantage of system vulnerabilities, can have a major impact on the integrity, availability and confidentiality of the information handled by those systems. According to the Canadian Centre for Cyber Security (CCCS), patching operating systems and applications is the second most important IT security action an organisation can take to minimise intrusions and their impacts.[4]

Patch management is a 4-stage process:

1) Identify the patches: Make sure you are up to date with the available updates.

2) Test the patch: Before applying it, verify that it is compatible with your existing software and environment.

3) Notify those affected.

4) Install the patch: Apply the security patches as soon as possible to ensure the security of the devices. To avoid interruptions, schedule updates and patches outside of business hours.

Good practices and recommendations in patch management

● If a vulnerability has not yet been exploited, carefully weigh the security risks of not patching against the operational risks of patching without extensive testing first.

● You must ensure that users cannot disable patches, especially critical patches.

● The software inventory should include not only what software is installed, but also its version.

● You must balance your security needs with your needs for usability and availability.

● You must ensure that patch management is efficient to avoid task overload situations.
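The recommendation to record versions in the software inventory can be illustrated with a short check. It is an added example, not code from the article or from any Faronics product. The hosts, product names, versions and fixed-in data are constructed, and versions are assumed to be plain dotted numbers.

```python
import re

# Constructed sample data (not from the article): inventory rows with versions.
INVENTORY = [
    {"host": "ws-01", "software": "ExampleReader", "version": "11.2.9"},
    {"host": "ws-02", "software": "ExampleReader", "version": "11.2.10"},
    {"host": "srv-01", "software": "ExampleDB", "version": "5.7"},
    {"host": "srv-02", "software": "ExampleDB", "version": None},  # name only
]
# Constructed advisory data: first release of each product that contains the fix.
FIXED_IN = {"ExampleReader": "11.2.10", "ExampleDB": "5.7.3"}


def parse_version(text):
    """'11.2.10' -> (11, 2, 10). Assumes plain dotted numeric versions."""
    parts = re.findall(r"\d+", text)
    if not parts:
        raise ValueError(f"no numeric version in {text!r}")
    return tuple(int(p) for p in parts)


def is_older(installed, fixed):
    """True if installed < fixed, comparing numerically and padding with zeros."""
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) < b + (0,) * (width - len(b))


def classify(inventory, fixed_in):
    """Map (host, software) to a patch status string."""
    status = {}
    for row in inventory:
        key = (row["host"], row["software"])
        fixed = fixed_in.get(row["software"])
        if fixed is None:
            status[key] = "no advisory"
        elif not row["version"]:
            status[key] = "unknown version"  # cannot decide without a version
        elif is_older(row["version"], fixed):
            status[key] = "needs patch"
        else:
            status[key] = "up to date"
    return status


if __name__ == "__main__":
    for (host, software), state in sorted(classify(INVENTORY, FIXED_IN).items()):
        print(f"{host:7} {software:14} {state}")
```

The `ws-01` row is the case a plain string comparison gets wrong: as text, "11.2.9" sorts after "11.2.10", so the unpatched host would be reported as current.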

Patch management can be carried out simply using automated tools, such as Faronics Cloud Deploy.



[1] https://safeatlast.co/blog/cybercrime-statistics/

[2] https://www.ptsecurity.com/ww-en/analytics/external-pentests-results-2020/

[3] https://www.cvedetails.com/browse-by-date.php

[4] https://cyber.gc.ca/en/guidance/top-10-it-security-actions-protect-internet-connected-networks-and-information-itsm10089

About The Author

Jorge Ojeda

Jorge Ojeda is a product specialist in the Faronics Latam team in Canada. Jorge has a master's degree in cybersecurity and his friends think that he is a MasterChef cooking Chilean empanadas. In his free time he loves to walk and take photos in beautiful Vancouver.
