Protecting your business from the sheer number of software vulnerabilities and cyber security threats requires vigilance and expertise. Just this week Intel announced that they had discovered major flaws and vulnerabilities in their processors, resulting in a rush to fix the bugs which could allow hackers to steal sensitive information.
- 99.9% of attacks are not 0-day
Most attacks that occur are based on commonly found exploits. In fact, if you’re operating a server and it has an IP address, it’s probably being scanned by automated tools that detect these kinds of exploits. Meaning that there’s a patch for it to easily protect your systems.
- Almost all attacks require user-input
User input is a major way that malware can occur. Email is still a significant infection vector, but it usually requires someone without any basic cyber security knowledge to click on a link to aid in the infection of a machine.
- A quarter of machines have out of date Antivirus
The signatures on 24% of machines scanned have AV that is so out of date, meaning it is no longer serving a purpose. If you don’t have a patched system, you won’t be able to detect malware if it becomes infected.
- Patches exist for the most common Malware
Once a flaw has been discovered in a piece of software, a patch needs to be made. Vendors try and keep these flaws a secret because if it goes undetected then nobody can exploit it. However, once a patch has been released, it’s usually reverse engineered to create an exploit. This can take anything from 24-hours to 4 days. You have this period to ensure that your system is patched and therefore immune from any exploit that is subsequently created.
- Target awareness is poor
It’s not just Microsoft products that suffer from vulnerabilities. The likes of Adobe and Java suffer from significant issues as well. Knowing about your software estate will provide you with a huge advantage.
So, what can you do to make sure that your environment is safe? Updating your IT policy on how often you patch, user education and keeping your patches up to date can be simple and easy ways to protect your IT environment. However, not all businesses have the time and resource to do this. Investing in a technology partner to manage your patches could save your business from malicious attack.
Bluesource provide patching support to firms across all industry sectors. For almost 20 years we have been delivering IT outsourcing as a flexible service to meet the unique requirements of each of our customers. Underpinned by industry best practice and SLA’s to ensure stability and innovation, we deliver support 24x7x365 via remote monitoring or onsite presence.