2018 has started with a bang as two new vulnerabilities hit our screens. Meltdown and Spectre made their appearance a few weeks ago, and while they caused IT teams across the world a giant headache, they also caused us all to take a look at the way we manage our security protection as a whole.
Both Meltdown and Spectre exploit critical vulnerabilities in modern processors which allow other programs to steal data like passwords, photos, emails and business-critical data. For a full understanding of the two vulnerabilities, visit https://meltdownattack.com/
Now, while these issues are for the hardware vendors like Intel and Dell to address, it’s crucial to apply the given patches to cover the vulnerability. Patch management is a critical aspect of risk management – and one that we neglect all too often in favor of other needs.
The major downside to patching, of course, lies in the age-old argument of Security versus Performance, so here are six essential things to keep in mind to make sure that you’re both protected and running at your best.
Cyber Security maintenance best practices:
- Do you have a Risk Management framework? If the answer is no, then it’s something you need to start drawing up right now. If you can’t control and manage how you’re protecting your assets, then you’re not protecting your assets.
- Patch management in a risk framework is important. While patching can be resource heavy and not the most exciting of tasks, it’s a necessary evil that will prevent potential loss of critical data. Make sure you look at the specifics of a patch and calculate any additional work with other systems to avoid issues.
- Remember it’s all a balancing act. Different systems will need different patches, and you must apply them in the right order to make sure issues don’t arise. For example, if a Microsoft OS patch is released a week before a security patch, make sure to implement it first, as it will ensure the application is up to date before the security patch is put into place. This confirms the need for a Risk Management framework which would plan for such things.
- Integrate Vulnerability scanning into your risk management framework. Spectre and Meltdown are prime examples of the type of vulnerabilities that can’t be patched because they’re too hidden, or can go undetected for months as the exploit is originating from outside your systems, from a phone or other IoT device. You can double up with Vulnerability Scanning to “close the door” at your end instead. Running regular scans is important for a proactive security defense rather than a reactive one, and it is something that Cogeco Peer 1 can help with.
- Schedule. Schedule. Always make sure these internal and external vulnerability scans are scheduled into your risk management framework on a regular basis, and delve into what the scans are actually checking for. A lot of “set it and forget it” scans won’t actually look for the things your organization needs, and while scans are required for some compliance objectives, like PCI quarterly, that’s a minimum standard. Your company’s best practices may call for scanning monthly, or even weekly.
- Don’t ignore maintenance reminders. Pop-up reminders for scans, updates, upgrades and patches are set for a reason. Don’t delay them for the sake of a few minutes’ work.
The moral of the story is, despite these vulnerabilities being out of our hands, creating a Risk Management framework, maintaining regular checks of your infrastructure and using both patching and scanning together as a proactive defense is the best way to take back control.