Recommendation: Mistakenly expired licenses mostly reflect lapse in the administration of the system. Try to find the root cause and make sure you have proper policies in place. In some countries pirated software is common, but creates a breeding heaven for viruses and worms. Make sure you tie up with respectable vendors. Use vulnerability scanners or asset managers to finding unauthorized installations of software in your organization.

9. Patching kiosks, industrial control systems or critical infrastructure

Kiosks, industrial control systems, critical infrastructure or SCADA systems are increasingly using standard operating systems like Windows or Linux. But their version of Windows may be a slightly modified version of the standard OS - which has been customized by the SCADA vendor, so when Microsoft releases a patch, it cannot be installed on these systems. These systems have to wait for the customized or recompiled patch from the SCADA vendor.

Recommendation: Demand from your vendor expedite re-release of such custom patches. If the standard patch can be installed; demand from your SCADA vendor some sort of guidance on the safety of installing the standard patch on your critical infrastructure or factory floors.


10. Large number of patches

In the last few years we have seen unusually high numbers of patches and patches which fix tons of vulnerabilities. It’s very difficult to cater to such a high number of patches.

Recommendation: We cannot control how many patches are released by vendors. But with proper asset management, patch management tools and correctly maintained infrastructure we can prepare ourselves better for the dreaded patch day.