With today’s complex IT infrastructures, organisations need to constantly refresh their environments to stay on top of security threats. Unfortunately, many organisations do not regularly conduct vulnerability assessments because they do not realise how critical this step is for maintaining an effective cyber defence posture and keeping up with available application patches.
According to the ACSC, an average of 164 cybercrime reports are made every day nationwide – about one every 10 minutes. Where vulnerabilities go unassessed and unpatched, malicious attackers can exploit them to gain access to sensitive information and manipulate IT operations at will.
For these reasons, your organisation needs to incorporate regular patch application and system maintenance into its routine processes. Keeping systems and applications up-to-date with software patches is vital to mitigating security vulnerabilities and reducing risk.
What is the Essential Eight?
The Australian Cyber Security Centre (ACSC) developed the Essential Eight as a series of baseline cyber security risk mitigation strategies. They are:
- Application whitelisting
- Patching applications
- Configuring Microsoft Office macro settings
- Application hardening
- Restricting admin privileges
- Patching operating systems
- Multi-factor authentication
- Daily backups
What are security vulnerabilities?
A security vulnerability is a weakness or an opening in the security of a system that can be exploited by an attacker to gain access to the system. In general, it refers to any gap or flaw in the design, implementation, or operation of a system that allows an attacker to exploit it.
While security vulnerabilities can be assessed by reviewing the company’s risk profile and its various assets, it is also important to assess your organisation’s entire current security posture. Technical tools such as penetration testing, vulnerability assessments, and network scanning can be used to identify potential security threats. These tools can be used in a variety of ways, including by evaluating the strength of a system’s firewall and identifying sensitive data that is stored on the premises.
Other methods include employee interviews, observation of physical access points, and monitoring systems for unusual activity.
What is application patching?
When you apply a patch, the software is updated and the existing code is replaced by the new code. The patch may fix bugs or add new features. In Windows, for example, you can apply a patch to your computer by downloading and installing it from Microsoft.
Patch application is a key element of cyber security, as it ensures that your systems are protected against cyber-attacks and malware. When a patch is released by the vendor, it should be applied within a strict timeframe to limit your business’s exposure to the security vulnerability.
Patch application timeframes
The ACSC states that once a security vulnerability on an internet-facing service is made public, malicious code can be expected to arise within 48 hours. It’s vital to the protection of your data and systems that patches are applied within a specific timeframe to mitigate risks.
- Mitigate basic cyber threats:
  - Internet-facing services: within two weeks, or 48 hours if an exploit exists
  - Commonly-targeted apps: within one month
- Mitigate moderate cyber threats:
  - Internet-facing services: two weeks, or 48 hours if an exploit exists
  - Commonly-targeted apps: two weeks
  - Other apps: one month
- Mitigate advanced cyber threats:
  - Internet-facing services: two weeks, or 48 hours if an exploit exists
  - Commonly-targeted apps: two weeks, or 48 hours if an exploit exists
  - Other apps: one month
Identifying available patches with vulnerability scans
An issue many organisations face is identifying patches as they become available. In many cases, some apps and systems can be left exposed simply through a lack of knowledge. This is where vulnerability scanners come in handy.
A vulnerability scan is the best way to quickly identify any issues with an application’s security. These scans are also a good way to identify any third-party dependencies that your application may be using. It’s important to monitor these dependencies to ensure that they don’t have security vulnerabilities of their own.
The ACSC recommends scanning for available patches:
- Mitigate basic cyber threats:
  - Internet-facing services: daily
  - Commonly-targeted apps: fortnightly
  - Other apps: as required
- Mitigate moderate cyber threats:
  - Internet-facing services: daily
  - Commonly-targeted apps: weekly
  - Other apps: fortnightly
- Mitigate advanced cyber threats:
  - Internet-facing services: daily
  - Commonly-targeted apps: weekly
  - Other apps: fortnightly
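An added example, not from the original article or the ACSC: a small Python audit that applies the patch timeframes and scan frequencies listed above to an inventory of unpatched assets and reports what is overdue at each level. The inventory, the 30-day reading of "one month", and the rule that the 48-hour clock starts when an exploit becomes known are assumptions made for this sketch.

```python
from datetime import datetime as dt, timedelta

H48, D, W1, W2, M1 = (timedelta(days=n) for n in (2, 1, 7, 14, 30))
# Assumption: "one month" = 30 days. Tuples are (standard, once an exploit exists);
# a missing key means the level lists no timeframe for that category.
PATCH = {
    "basic": {"internet-facing": (W2, H48), "commonly-targeted": (M1, M1)},
    "moderate": {"internet-facing": (W2, H48), "commonly-targeted": (W2, W2), "other": (M1, M1)},
    "advanced": {"internet-facing": (W2, H48), "commonly-targeted": (W2, H48), "other": (M1, M1)},
}
# Scan interval from the scanning list; None means "as required".
SCAN = {
    "basic": {"internet-facing": D, "commonly-targeted": W2, "other": None},
    "moderate": {"internet-facing": D, "commonly-targeted": W1, "other": W2},
    "advanced": {"internet-facing": D, "commonly-targeted": W1, "other": W2},
}

def patch_deadline(level, category, released, exploit_seen=None):
    """Latest compliant install time, or None if the level lists no timeframe."""
    rule = PATCH[level].get(category)
    if rule is None:
        return None
    standard, with_exploit = rule
    deadline = released + standard
    if exploit_seen is not None:
        # Assumption: the shorter clock starts when the exploit becomes known
        # (never before release) and can only shorten the deadline.
        deadline = min(deadline, max(released, exploit_seen) + with_exploit)
    return deadline

def audit(inventory, level, now):
    """Sorted (asset, issue) findings; every inventory row is a still-unpatched asset."""
    findings = []
    for name, category, released, exploit_seen, last_scan in inventory:
        due = patch_deadline(level, category, released, exploit_seen)
        if due is not None and now > due:
            findings.append((name, "patch overdue"))
        interval = SCAN[level][category]
        if interval is not None and now - last_scan > interval:
            findings.append((name, "scan overdue"))
    return sorted(findings)

# Constructed inventory: (name, category, patch released, exploit seen, last scan).
NOW = dt(2024, 3, 20, 9)
INVENTORY = [
    ("vpn-gateway", "internet-facing", dt(2024, 3, 10), dt(2024, 3, 15), dt(2024, 3, 20, 1)),
    ("pdf-reader", "commonly-targeted", dt(2024, 3, 1), None, dt(2024, 3, 10)),
    ("hr-tool", "other", dt(2024, 2, 1), None, dt(2024, 3, 1)),
]
print({lvl: audit(INVENTORY, lvl, NOW) for lvl in PATCH})
```

The same inventory produces one finding at the basic level and five at the moderate level, which shows how much the tighter timeframes change the workload.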
Target your vulnerabilities with help from the Essential Eight specialists
Patch application is one of the best ways to mitigate the risks associated with a cyber security incident. When a vulnerability is discovered, a patch should be applied within a strict timeframe to limit your business’s exposure to the security vulnerability. However, it’s important to remember that patches only go so far in protecting your systems and network against attacks.
The cyber security engineers at Itopia specialise in managing the Essential Eight mitigation strategies for businesses nationwide. Talk to them today for an assessment and bring your business’s cyber security up to the national standard.