90% of breaches can’t be wrong

December 28th, 2017
Matthew Likes
Security Architect – Mainline Information Systems

 

As a security professional working in the industry for the last 20 years, I’ve seen a lot of strange things. However, the last 5-10 years, in my opinion, have been the most difficult to watch. For a while, there seemed to be a huge breach being disclosed every week… from compromised children’s toys to replay attacks. We truly live in interesting times.

Despite millions of dollars being spent on protective and detective controls, there is a very real problem that many continue to roll their eyes at (while knowing in their hearts, it’s an issue). For some organizations, it’s even taboo to discuss because it will cause infighting between teams. I’m talking about a control that provides incomparable payout when compared to the boutique security solutions found on the market today.

Studies still show, time after time, that for all the investments made in security for controls and the number of thwarted attempts, breaches are still occurring at an alarming rate. Why is this?

Sad fact… More than 90% of breaches that occur today are the result of a missing patch.

Yes, the bad guys are getting more advanced. Yes, encryption is a REAL problem (on multiple levels). Yes, it is important to monitor traffic in-between hosts and ensure that only sanctioned processes are active in the environment; but, something arguably more valuable is maintaining good hygiene within the environment.

Let’s talk about Effective Patch Management.

I don’t make light of it. Keeping everything updated can be a real challenge.

The most common ones that I see are:

  • Lack of visibility – Many organizations rely on native tools to keep products up to date, and the only window they have into their patch status is their vulnerability management tool, which only highlights (often inaccurately) what is missing, and doesn’t offer a solution beyond “hey, go fix the problem!”
  • Lack of resources – Not all patch management solutions are created equal. Many require care and feeding, and they often require a whole team to maintain. There is also the subject of whose responsibility is it… security or infrastructure?
  • Broken dependencies – This is especially an issue if the actual developers of the applications aren’t on the payroll.

Over my next few posts, I’m going to address these issues. But, today, I’ll kick things off by highlighting one solution that I have seen time and time again, improve visibility, drastically reduce the number of vulnerabilities, and reduce the tension between teams.

At its core, BigFix is an easy to use and extremely powerful real-time Patch Management system that can be deployed in less than an hour. Imagine getting a reliable compliance status of every host in your environment (Windows/Linux/Unix/Mac/Applications) in minutes!?!

The product also sports integration capabilities with Active Directory, as well as modern SIEM solutions. So, on top of simplifying tasks for the infrastructure team, it also provides a window for the security teams. There are several solutions out there, but it’s difficult to find one that can do it quite as succinctly for less than the price of a latte!

In addition to the features mentioned above, BigFix can also perform vulnerability/configuration analyses and software distribution tasks on your servers and workstations. So, this tool, as the name implies, has tremendous capabilities. It directly addresses the first two issues that I mentioned earlier, and provides a window into the third.

Please stay tuned for my next post, where we’ll dive into the tragically deep topic of securing systems that “cannot” be patched. Fear not… there is a solution.

Please contact your Mainline Account Executive directly, or click here to contact us with any questions.

Submit a Comment

Your email address will not be published. Required fields are marked *