The ability to completely patch and configure machines presents a large problem—primarily because the threat landscape evolves more quickly than the patch process can update the software. Viruses such as Sasser and Blaster are proof that virus writers will continue to exploit vulnerabilities—Sasser was released into the wild less than three weeks after Microsoft announced the vulnerability it exploited. The window of opportunity in which IT can react to vulnerabilities continues to decrease. Patch Management is mostly a disruptive state application but as stated previously it can be thought of as a highly responsive component of normal state provisioning.
Protection & Recovery
It goes without saying that generally data should be protected but organizations should also have a backup and disaster recovery plan that will help them recover in the event of a successful attack. Data recovery has become a heightened concern because the rate of attack is increasing, so the probability of having to recover is higher. Additionally, having an infrastructure where the accuracy of financial reporting, the privacy of personal information, security and other process certifications is becoming the personal responsibility of executives. This level of infrastructure accountability is driven by regulations, such as Sarbanes-Oxley, HIPAA and FISMA. The scope of recovery solutions must include desktops, PDAs, servers, and laptops and must have recovery times that are measured in minutes.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.