Chuck Leaver – Cisco 2015 Midyear Security Report Is Not All Negative

Written By Michael Bunyard And Presented By Ziften CEO Chuck Leaver

Looking through the Cisco 2015 Midyear Security Report, the consensus was that “the bad guys are innovating faster than the security community.” This is not a unique statement; it can be found in many cyber security reports, because they are reactive studies of past cyber attacks.

If all you do is concentrate on negative results and losses, then any report is going to look negative. The fact is that the vendors releasing these reports have a lot to gain from companies that wish to buy more cyber security solutions.

If you look carefully within these reports, you will find good pieces of guidance that could considerably improve the security arrangements of your organization. So why do these reports not start with this information? Well, it's all about offering solutions, right?

One anecdote stood out after reading the Cisco report, and it is one that would be simple for an organization's security team to deal with. The report detailed the increasing vulnerabilities and exploits of Adobe Flash, which are commonly being integrated into exploit kits such as Angler and Nuclear. Adobe updates Flash Player regularly, but a number of users are slow to apply the updates that would give them the security they require. This means that hackers are taking advantage of the gap between the vulnerability being discovered and the patch being applied.

Vulnerability Management Is Not Resolving The Issue

You would be forgiven for believing that, since there are a whole range of services on the market that scan endpoints for known vulnerabilities, it would be very simple to make sure that endpoints are updated with the most recent patches. All that is required is to run a scan, identify the endpoints that need updating, run the updates, and the job is done, right? The problem is that scans are only run periodically, patches fail, users unintentionally introduce vulnerable apps, and the company is then wide open until the next scan. In addition, scans report on applications that are installed but not used, which produces large numbers of vulnerabilities that are difficult for an analyst to prioritize and manage.

What Is So Simple To Address Then?

The scans need to be run continuously and all endpoints monitored, so that as soon as a system is not compliant you know about it and can respond right away. Constant visibility that provides real-time notification and comprehensive reporting is the new requirement as endpoint security is redefined and people realize the age of avoidance-first is over. Leveraging the National Vulnerability Database (NVD), each application that is actually running with a known vulnerability can be identified immediately, security personnel notified, and the patch applied. Additionally, services can look for suspicious activity from vulnerable applications, such as sudden application crashes, which are a possible indication of an exploit attempt. Finally, they can also identify when a user's system has not been rebooted since the last security patch was available.
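The following Python example, added here and not taken from the Cisco report or any vendor product, shows the triage logic described above: vulnerable applications are ranked by whether they are running or merely installed, a crash in a vulnerable application is raised to the top, and a patch applied after the last boot is flagged. The feed, product names, version numbers, vulnerability IDs and endpoint snapshot are all constructed; a real deployment would populate them from NVD data and endpoint telemetry.

```python
from datetime import datetime

# Constructed stand-in for NVD-derived data: product -> (first fixed version, placeholder ID).
VULN_FEED = {
    "flash-player": ("3.2.1", "VULN-PLACEHOLDER-1"),
    "pdf-reader": ("7.4.0", "VULN-PLACEHOLDER-2"),
}

# Constructed snapshot of one endpoint's telemetry.
ENDPOINT = {
    "installed": {"flash-player": "3.1.9", "pdf-reader": "7.3.2", "browser": "44.0.1"},
    "running": ["browser"],
    "recent_crashes": ["flash-player"],  # crashed and exited, so no longer running
    "last_boot": datetime(2015, 8, 1, 9, 0),
    "last_patch": datetime(2015, 8, 3, 2, 30),
}

def _ver(s):
    """Turn '3.10.0' into (3, 10, 0) so versions compare numerically, not as text."""
    return tuple(int(part) for part in s.split("."))

def triage(endpoint, feed=VULN_FEED):
    """Return (priority, item, vuln_id, reason) findings, most urgent first."""
    findings = []
    running = set(endpoint["running"])
    crashed = set(endpoint["recent_crashes"])
    for app, version in endpoint["installed"].items():
        if app not in feed:
            continue
        fixed, vuln_id = feed[app]
        if _ver(version) >= _ver(fixed):
            continue  # already at or past the fixed version
        if app in crashed:
            prio, reason = 1, "vulnerable with recent crash: possible exploit attempt"
        elif app in running:
            prio, reason = 2, "vulnerable and running"
        else:
            prio, reason = 3, "vulnerable but installed only"
        findings.append((prio, app, vuln_id, reason))
    # A patch applied after the last boot may not be in effect until restart.
    if endpoint["last_patch"] > endpoint["last_boot"]:
        findings.append((2, "os", None, "not rebooted since last patch"))
    return sorted(findings, key=lambda f: (f[0], f[1]))

if __name__ == "__main__":
    for finding in triage(ENDPOINT):
        print(finding)
```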

There Certainly Is Hope

The good news about real-time endpoint visibility is that it works on any vulnerable application (not just Adobe Flash), because hackers will move from app to app as they develop their methods. There are simple solutions to big problems. Security teams simply need to be made aware that there is a better way of managing and securing their endpoints. It just takes the right endpoint detection and response service.

 

~leaverchuck1

