Page 34 - Cyber Defense eMagazine - October 2017

2. Technology advances allowed migration from WEP to WPA to WPA2 as a reaction to vulnerabilities that were identified. Clearly we need to rethink the whole way we do key exchange within the wireless encryption protocols. So make sure you watch this space.


3. From the technical side, patches will be coming and you need to be aware of which devices you have that are affected. Once you have this list, you need a plan in place for implementing the patches or workarounds as they need to be applied. But DO NOT ignore this, or take too much time. Some equipment or software will not be patchable. Be prepared to replace if you can't patch. Don’t risk leaving vulnerable systems in place. There is NO DOUBT that bad actors who were not involved before made good use of the CVE information, and they are now developing exploit kits. So you ARE already in a race.


Finally, Re-think Your Organization’s Vulnerability Management Plan

At a higher level, organizations need to do more “what if” planning in the current world. This wasn't a big deal 15 years ago, but now timeframes to mitigate threats have shrunk. With modern vulnerabilities, you need to respond faster than the bad guy. That may have been weeks or months ten years ago. Today it could be hours. If your organization isn't already plugged into the research community and you have to rely on the media to tell you there's a problem, then you're doing yourself a disservice.

When the CVEs were announced on Monday, companies that were well prepared implemented the patches/workarounds and mitigated the risks the same day. Did you? Do you have a “doomsday” plan in place that allowed you to disable all devices that could not be patched or protected? Did you have plans in place that allowed your organization to continue functioning without wireless connectivity? What about other potential threats? What if your payment systems are targeted, and not your wireless systems? Your manufacturing and production systems? Do you have the equivalent of “old school” pen and paper backups?

These days the bad guys are as small and agile as the good guys. They have built an ecosystem that allows them to act quickly. You don't have two or three weeks to solve the problem. You need a plan that guides your response if you have to modify your normal business operations until it can be resolved.

Or are you going to be the next “Front Page” story?

About the Author

Rodney Joffe is Senior VP, Fellow, and National Security Executive at information services provider Neustar, Inc. He is a sought-after cybersecurity expert who, among other notable accomplishments, led the Conficker Working Group in response to the Conficker worm. Providing guidance and knowledge to organizations, from the United States Government and Congress to the Internet Corporation for Assigned Names and Numbers (ICANN), and Fortune 10 companies, Mr. Joffe is a pioneer in the domain name system (DNS) and cybersecurity world. He is the holder of 6 issued and a number of submitted patents in those fields.





                         Copyright © Cyber Defense Magazine,  All rights reserved worldwide.