Cloud Security, Cloud Vulnerability
Vulnerabilities can adversely affect an organization beyond its bottom line. They can also risk the privacy of personally identifiable information (PII) that, when compromised, can have real-life consequences. They undermine not only a company’s reputation — they also undermine the integrity of the infrastructures that store and manage this sensitive data.
The Equifax data breach is a case in point. By exploiting a vulnerability (CVE-2017-5638) in their application framework, attackers gained unauthorized access to its network and systems. The attack exposed PII of 145.5 million U.S. citizens and 15.2 million U.K. customers, and resulted in financial losses expected to reach US$439 million.
Indeed, a single, vulnerable endpoint, network, server, or application is sometimes all it takes to affect millions. Shellshock, Heartbleed, Poodle, and EternalBlue are just some of the notorious security flaws that leave doors open to data-stealing malware and other attacks. There are countless more — in fact, there were 1,522 publicly reported vulnerabilities reported in 2017. And 929 of these vulnerabilities were rated to be “critical” or “high” in severity.
Patching significantly reduces an enterprise’s exposure to these threats. However, it continues to be a perennial challenge for many organizations. In fact, surveyed organizations took an average of 197 days just to identify a data breach. Preventing data breaches is exacerbated by the added task of monitoring internet-of-things (IoT) devices and industrial-internet-of-things (IIoT) systems. IT and security teams may also find it arduous, if not virtually impossible, to download, test, and deploy patches for all vulnerabilities before they’re exploited — while also keeping gateways, endpoints, networks, and servers up and running.
Zero-day attacks are increasingly striking businesses. But urgent countermeasures like emergency/out-of-band patching and virtualization can cause operational downtime and additional overhead. There’s also compliance issues like the hefty fines that EU General Data Protection Regulation (GDPR) can impose or the stringent patching requirements of the Payment Card Industry (PCI).
Why enterprises take longer to apply patches
Vendors usually patch vulnerabilities, especially when they're considered critical. However, not all organizations and users apply them, or apply them immediately, and IT personnel are often left in a state of flux. The average organization takes over 30 days to patch standard operating systems and applications, and months or years to patch more complex business applications and systems.
- Uptime preservation. IT personnel might be hesitant to patch as it could involve downtime while critical business servers are offline.
- Cost reduction. Migrating from and replacing legacy systems or upgrading applications developed in-house could be costly and time consuming. In effect, IT groups become hesitant to fix or replace something that still functions regardless of its version.
These challenges can expose enterprises to risks such as network, system, endpoint, and security policy compromise, exposure of personal and mission-critical data, and ultimately, reputation damage and financial losses. Addressing these require the right tools. Technologies like virtual patching can help complement existing patch management processes by shielding known and unknown vulnerabilities. Virtual patching acts as an agentless emergency security tool that enterprises can use to quickly remedy vulnerabilities on affected servers and endpoints.
How organizations can benefit from virtual patching
- • Higher consolidation by offloading virtual patching from individual virtual machines (VMs) to a single security virtual appliance.
- • Faster performance by neutralizing security storms and resource contention from simultaneous patching.
- • Better manageability by eliminating agents for virtual patching and the need to configure and update each one.
- • Stronger security by providing instant-on protection for new VMs coordinated by the dedicated security appliance.