Charles Leaver – Something Easily Addressed From The Cisco 2015 Midyear Security Report

Written By Michael Bunyard And Presented By Ziften CEO Charles Leaver

Looking through the Cisco 2015 Midyear Security Report, the view expressed was that “the bad guys are innovating faster than the security community.” This is not a unique statement and can be found in many cyber security reports, since they are documents written in reaction to previous cyber attacks.

If all you do is concentrate on negative outcomes and losses, then any report is going to look negative. The reality is that the vendors releasing these reports have a lot to gain from companies that wish to buy more cyber security products.

If you look carefully within these reports you will find excellent pieces of advice that could considerably improve the security arrangements of your organization. So why do these reports not start with this information? Well, it’s all about selling solutions, isn’t it?

One anecdote stood out after reading the report from Cisco, and it is one that would be simple for organizational security teams to address. The increasing vulnerabilities and exploits of Adobe Flash were detailed, and they are frequently being incorporated into exploit kits such as Angler and Nuclear. The Flash Player is updated often by Adobe, but a number of users are slow to apply these updates, which would give them the protection they need. This means that hackers are benefiting from the gap between the vulnerability being discovered and the update patch being applied.

Vulnerability Management Is Not Resolving The Problem

You would be forgiven for believing that, because there is a whole range of solutions on the market that scan endpoints for known vulnerabilities, it would be very simple to ensure that endpoints are updated with the latest patches. All that is required is for a scan to be run, the endpoints that need updating to be identified, and the updates to be applied, and the job is done, right? The problem is that scans are only run from time to time, patches fail, users will inadvertently introduce vulnerable apps, and the company is then wide open until the next scan. Furthermore, scans will report on applications that are installed but not used, which produces large numbers of vulnerabilities that are hard for an analyst to prioritize and manage.

What Is So Easy To Address Then?

The scans have to be run continuously and all endpoints monitored, so that as soon as a system is not compliant you will know about it and can respond immediately. Continuous visibility that provides real-time alerting and comprehensive reporting is the new requirement as endpoint security is redefined and people recognize that the era of prevention-first is over. By leveraging the National Vulnerability Database (NVD), each application that is actually running with a known vulnerability can quickly be identified, security staff alerted, and the patch applied. Further, solutions can look for suspicious activity from vulnerable applications, such as sudden application crashes, which are a possible sign of an exploit attempt. Lastly, they can also detect when a user’s system has not been restarted since the last security patch was available.
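
The three checks described above, plus the ranking of running applications ahead of installed-but-unused ones, can be sketched as follows. This is an added example, not code from the article or from any product; the advisory feed, product names, versions, dates and the endpoint snapshot are all constructed placeholders standing in for NVD data and agent telemetry.

```python
from datetime import datetime

# Constructed advisory feed standing in for NVD data (ids, products, versions are placeholders).
ADVISORIES = [
    {"id": "ADV-PLACEHOLDER-1", "product": "flash-player", "fixed_in": "2.0.10",
     "patch_released": datetime(2015, 8, 3)},
    {"id": "ADV-PLACEHOLDER-2", "product": "pdf-reader", "fixed_in": "5.3.0",
     "patch_released": datetime(2015, 7, 20)},
]

# Constructed endpoint snapshot, as a hypothetical monitoring agent might report it.
ENDPOINT = {
    "host": "ws-0142",
    "last_boot": datetime(2015, 8, 1),
    "software": [
        {"product": "flash-player", "version": "2.0.9", "running": True},
        {"product": "pdf-reader", "version": "5.2.9", "running": False},
        {"product": "text-editor", "version": "1.4.0", "running": True},
    ],
    "crashes": [{"product": "flash-player", "time": datetime(2015, 8, 5, 9, 30)},
                {"product": "text-editor", "time": datetime(2015, 8, 5, 11, 0)}],
}

def vtuple(version):
    """Turn '2.0.10' into (2, 0, 10) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in version.split("."))

def assess(endpoint, advisories):
    """Return sorted (priority, kind, detail) findings for one endpoint; 1 is most urgent."""
    by_product = {a["product"]: a for a in advisories}
    findings, vulnerable = [], set()
    for sw in endpoint["software"]:
        adv = by_product.get(sw["product"])
        if adv and vtuple(sw["version"]) < vtuple(adv["fixed_in"]):
            vulnerable.add(sw["product"])
            # Running software is exposed now; installed-but-unused is kept but ranked low.
            kind, prio = ("RUNNING_VULNERABLE", 1) if sw["running"] else ("INSTALLED_UNUSED", 3)
            findings.append((prio, kind, f'{sw["product"]} {sw["version"]} ({adv["id"]})'))
    for crash in endpoint["crashes"]:
        if crash["product"] in vulnerable:  # crash of a vulnerable app: possible exploit attempt
            findings.append((1, "CRASH_OF_VULNERABLE_APP", crash["product"]))
    newest_patch = max(a["patch_released"] for a in advisories)
    if endpoint["last_boot"] < newest_patch:  # no restart since the latest patch came out
        findings.append((2, "NO_RESTART_SINCE_PATCH", endpoint["host"]))
    return sorted(findings)

if __name__ == "__main__":
    for prio, kind, detail in assess(ENDPOINT, ADVISORIES):
        print(f"P{prio} {kind}: {detail}")
```

The crash of the unaffected text editor is deliberately not reported, which keeps the alert stream tied to applications with a known exposure.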

There Definitely Is Hope

The good news about real-time endpoint visibility is that it works on any vulnerable application (not only Adobe Flash), because hackers will move from app to app to evolve their techniques. There are simple solutions to big problems. Security teams simply need to be made aware that there is a better way of managing and protecting their endpoints. It simply takes the right endpoint detection and response service.