Page 40 - Cyber Defense eMagazine for July 2020
P. 40

The Ongoing Patching and Configuration Crisis

            When you couple new potential entry points for hackers to exploit along with the fact that organizations
            report taking up to 102 days for patches to be applied and tested, it is apparent that the enterprise attack
            surface is growing at an unprecedented rate.

            To fully understand the scope of the issue, look no further than three years ago with the WannaCry
            ransomware attack. The ransomware was able to spread rapidly by exploiting a known vulnerability that
            was left unpatched in a large majority of organizations for months – leading to one of the most notorious
            hacking events of our lifetime.

            Research for the Automox Cyber Hygiene Index also confirmed that four out of five organizations have
            suffered at least one data breach in the last two years. When asked about the root causes, respondents
            placed phishing attacks (36%) at the top of the list, which is to be expected. Social engineering attacks
            continue to be a favorite initial vector that attackers use.

            The surprising part of the results is that the majority of breaches could have been prevented with basic
            cyber hygiene practices in place. The other top causes were missing operating systems patches (30%),
            missing application patches (28%), and operating system misconfigurations (27%)  – all of which are
            fundamentals of proper endpoint hardening.




            The Industry is Failing to Keep Up
            Adversaries  are  weaponizing  new  critical  vulnerabilities  within  7  days  on  average.  And  zero-day
            vulnerabilities are already weaponized at the moment of disclosure, yet companies are known to take
            weeks and in some cases months to deploy patches.

            For this reason, a 24 / 72 threshold for endpoint hardening is imperative. If organizations can commit to
            eliminating  zero-day  exploits  within  24  hours  and  other  critical  vulnerabilities  within  72  hours,  they’ll
            prevent weaponization and ultimately better protect their critical assets.

            According to the recent survey, the industry is still catching up to meet this ambitious patching standard.
            Only 42 percent of companies can patch remote endpoints within three days and 15 percent within one,
            highlighting  the  struggles  companies  face  with  patching  and  hardening  endpoints  in  remote
            environments.




            Embracing Newer Technologies to Help

            One of the more positive outcomes from the research is that companies are increasingly embracing
            automation as a potential antidote for the security challenges that they are currently facing.


            The  findings  showed  that  96  percent  of  organizations  have  deployed  some  automation  for  endpoint
            patching and hardening, yet only 23 percent are fully automated.







            Cyber Defense eMagazine –July 2020 Edition                                                                                                                                                                                                                         40
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.
   35   36   37   38   39   40   41   42   43   44   45