The Single Cause Behind Most Vulnerabilities and How to Solve It
Having been involved in hundreds of vulnerability assessments, I can confidently say that most issues have a single underlying source. The discovered vulnerability could be an increased risk of ransomware exposure, buffer overflows, elevation of privileges, denial of service, weak encryption, etc. Regardless of the diversity of the vulnerabilities, there is commonly a single deficiency within the organization that led to the risk. It is a crucial component of any solid cyber security framework, yet it remains one of the least appreciated and maintained areas of Information Technology. By now, you may have guessed that I’m referring to patch management.
Inevitably, a vulnerability assessment will turn up workstations, servers, switches, firewalls, routers, wireless access points, hypervisors and countless other devices, all of which need to be patched. Consequently, the IT department is consumed with months of maintenance windows to get everything updated. After many late nights, every piece of infrastructure is finally fully patched. The IT department can finally get a good night’s sleep! Unfortunately, it won’t last long, because while all of those patches were being installed, more vulnerabilities were discovered, which will require more patching. This is the never-ending struggle of patch management.
It’s true that most IT departments have a pretty good handle on patching workstations and servers by leveraging automated patching solutions. However, that addresses only a small piece of the typical IT infrastructure. What’s a sleep-deprived IT department to do to keep up with the tidal wave of patches? It’s s