Fragmented Security Patches and What It Means for CIOs
What CIOs Need To Know About Fragmented Security Patches
Infrastructure management is essential to manage security threats. While fragmented security patches can help, CIOs need to manage these carefully.
Fragmentation can be the silent killer of your security management program, so it is crucial that CIOs pay attention to this issue. Any flaws force inventory management and security teams to meet at a crossroads. Inventory management is the foundation of your security, and without it there can be prolonged risk.
Threat Management Is Messy
Cyber threats take many forms, including phishing, malware, ransomware, and authentication attacks. Breaches can happen at the seams, between teams and tools. Many breaches occur not necessarily because a device is inefficient or doesn’t work, but because hackers find ways to penetrate your network in the gaps between the teams and tools that are put in place to keep them out. There are plenty of tools that can help with security, but organizations are still struggling with inefficiencies and vulnerabilities.
The Meltdown and Spectre hardware vulnerabilities originally sent the industry into a tailspin, and researchers expected processors to accelerate. However, this didn’t happen. The vulnerabilities that came with this then exposed decades’ worth of different chip memory. After this, CIOs needed to know what was vulnerable and which processor the code was in. To fix this, companies had to track down every single asset to patch, in every data center and on every laptop.
Patching falls under infrastructure management, and the burden is on companies to understand the status of their infrastructure. In many organizations, it’s the CIO and not the CISO who manages this task. During times such as the coronavirus outbreak, when remote work could increase, companies need to be even more careful about which devices could be at risk. The Center for Internet Security lists inventory control of software and hardware as one of its top two security protocols. If a company doesn’t have this management system in place, the company becomes an island, and this is where the problem begins.
For Meltdown and Spectre, the researchers determined the processor pipelines were too shallow to be able to facilitate exploited memory more than ten years old. However, in late 2019, there were also findings of a new vulnerability. The research was prefaced by saying that while there is technically no new vulnerability, organizations must revisit their current inventory management process, or the lack of existing methods. Some tech vendors are more susceptible to exploitation. For example, Microsoft has had a lousy track record for its operating system starting about ten years ago, which is what led Apple Macs to be considered safer. More attackers are targeting Microsoft due to its massive footprint in the industry.
The vulnerability is pervasive throughout anything with a computer, data center, or virtualization platform, which is what makes the processor flaw so interesting. It can be harder to fix, since you have to fix everything. These vulnerabilities insert themselves into the threading functionality, and the information shared between the different subcomponents can be extracted through them.
An IT organization needs to know what is installed and its status. Application updates, software, and hardware vulnerabilities are the responsibilities of IT. CIOs need to know which services someone could exploit to get access to a system. There is the further question of who would get access to the server to begin with. If malicious actors can access the server, it can cause a bigger problem.
Being Aware of Updates
If you keep adding systems to the infrastructure, you may lose control of what’s happening and lose sight of the status of things. Companies use different systems and tools to help with fragmented patches and updates. Having an inventory record helps build the foundation for security hygiene. Security patches do come with a trade-off between performance and protection. Intel has delayed patches after customers complained of too many system reboots. While patches do have the potential to break existing operations, the security features also need to be updated.