Patch Management is an important layer in your cyber security program. Even though it is so important, it is often neglected or not done correctly. One small inconsistency can be your downfall.
This could lead to unnecessary and easily avoidable problems. External attackers will exploit any vulnerabilities to gain a foothold in your environment and take control of the affected system, cause a crash, steal data or deploy malware.
New exploits are discovered daily and detailed findings are published in online databases, which is publicly accessible for both attackers and cyber security consultants.
J2 Cyber Security Centre team Vulnerability Findings:
J2 Cyber Security Centre assist our clients with ongoing vulnerability assessments by running scans to detect vulnerable and unpatched systems. This is done using both authenticated and unauthenticated scans throughout the environment, in-house, virtual or cloud. Our findings show that most vulnerabilities are due to third-party software not being updated.
This occurs when there is no patch management program or when the patch management process is simply not done.
A Few Technical Recommendations:
Your environment needs to be patched on a regular, ongoing basis. Our suggestion is to ensure there is automated patch management program that is correctly managed. This ensures that there is automatic updates wherever practical. There is a requirement to approve updates on WSUS servers and SCCM servers, so look at your business and plan around the requirements. We can help and let us create your dedicated patch days as a scheduled, managed and controlled process. This will ensure your environment stays up to date.
By skipping updates or only doing the critical updates you will have an inconsistent and badly patched environment. It is too late when you have already been exploited. A vulnerable environment is extremely time consuming to manage and difficult to correct.
Does your security team validate and manage your patch management?
- Hits: 206