Mitigating those problems is no easy task, as it is important to understand that, if users have a given Web browser client installed, it is down to the IT security department to decide on an effective strategy, such as enhancing the performance of intrusion protection systems and the like.
I hope that this overview and analysis of the top five threats for 2013 has piqued your interest. The field of IT security threats – and mitigating those threats – is a constantly changing landscape – meaning it is important to patch, remediate and review your existing devices, as well as applying the same processes to your ongoing defenses and defense strategies.
Understanding what devices are on your network is similar to knowing where the property lines around your home begin and end, allowing you to start building a fence. However, your fence will not keep people out if there are holes in it. In the IT world, these holes can be plugged using security patches.
Unfortunately, for many businesses, patch management is a problem – and since cybercriminals tend to exploit some of the most ubiquitous software on the market, the need to patch those applications assumes significant proportions.
As we’ve seen above, Oracle’s Java and other popular applications such as Adobe’s Flash Player are often common targets. For users of Microsoft Windows, we know they can also expect their machines to get the brunt of the cybercriminal attention.
Analyzing and deploying patches such as Microsoft’s Patch Tuesday updates can be a tedious process when carried out manually. Many small organizations rely on Microsoft’s automatic update mechanism, which, if enabled, can install critical updates with little administrator intervention.
Whilst this approach may work for smaller networks, if the number of endpoints grows - or includes non-Windows machines - the situation can quickly become unwieldy without an automated network scanning solution.
This is particularly true when it comes to dealing with updates for the army of third-party applications on your computers. It is here that vulnerability scanning technologies can help companies find risks and prioritize remediation, so that the most dangerous problems can be countered before it is too late.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.