Practice Two: Maintaining Cybersecurity by Keeping Systems Up to Date

System Updates

Notifications about software updates are now familiar occurrences. They may seem to appear at the most inconvenient times, but they should not be ignored. Doing so leaves your online devices vulnerable to cyberattacks. Cyber threat actors are opportunists who are looking to find an easy way onto your network.

The most common way an attacker gets onto a system is by exploiting a vulnerability. The vulnerability can be in the form of a software application with a flaw that an attacker can use to gain access, a misconfigured firewall or a user that clicks a link in an email that surreptitiously installs software opening a back door. These tactics can result in the attacker gaining a presence on a network. Once an attacker has connected to a system, they are effectively sitting at a desk in the office. Their next step is to find a user account that has the permissions to launch the attack.

An organization can reduce the likelihood of a cyberattack by preventing an attacker from having a presence on its network. Since most attacks start with an exploited vulnerability, organizations should start by minimizing those vulnerabilities by keeping their systems up to date. Key ways to help keep your organization’s systems up to date include:

• Using automated patching wherever possible.
• Always visiting vendor sites directly when manually updating software rather than clicking on advertisements or email links.
• Avoiding running software updates while using untrusted networks, like in an airport or a hotel.
• Making security awareness part of the culture.

What Do Software Updates Include?

An update can include new software to replace outdated versions, system updates, such as improved security software, utilities updates and new drivers. Software updates can also include patches for performance and security issues. It is essential for organizations to be prepared and enable automatic updates where possible, replace unsupported systems and test and deploy available patches quickly.

End-of-Life

When a software has reached end-of-life (EOL), software updates will no longer be released for the application. Continuing to use EOL software poses a threat to your system because an application that no longer receives security updates and patches is vulnerable to attack. Cybersecurity and Infrastructure Security Agency (CISA) recommends that users and administrators retire all EOL products.

Prevention and Protection

Rather than waiting for a cyberattack to happen, taking proactive steps to implement cyber readiness practices can help prevent an attack in the first place. Francis also shared this insight: “The overwhelming majority of cybersecurity insurance claims are things that could have been prevented and organizations had the means to prevent.” He lists updating and patching systems among the preventive steps organizations can and should take.

Addressing an audience at one of the Travelers Institute’s recent cybersecurity education programs, Val Cofield, Chief Strategy Officer of CISA, challenged organization and IT leaders to mitigate known and exploited vulnerabilities in their public-facing systems within 48 hours. As part of her challenge, she also spoke about the need to eliminate all default passwords from administrative accounts and public-facing systems, as well as eliminating all EOL assets supporting essential services or public-facing systems.

No matter how tedious routine updates may seem, they are a necessity. Taking advantage of automatic updates, and implementing them regularly, is one of the most important steps you can take to protect your network and devices.