Why Relying On Standard Patching Processes Is Not Enough In Today’s Threat Landscape

Recent high-profile outbreaks were facilitated by organisations not having appropriate security patches deployed. The last two high-profile outbreaks could have been prevented if the security patches had been deployed. Although these patches were available days before the outbreaks, organisations across the globe had not applied them fast enough to prevent the threats. This is supported by research conducted in September 2015 in the Kenna Security Report:

Kenna Security Report Key Findings

  • On average, it takes businesses 100-120 days to remediate vulnerabilities.
  • At 40-60 days, the probability of a vulnerability being exploited reaches over 90 percent, indicating that most successfully exploited vulnerabilities are likely to be exploited in the first 60 days. The gap between a vulnerability being likely to be exploited and being closed is around 60 days.

The above findings support the fact that organisations face a period of exposure to threats in the time between a vulnerability being discovered and the patch that mitigates it being deployed.

Trend Micro’s Vulnerability Protection provides protection against exploits of known vulnerabilities in the absence of a patch being deployed. It doesn’t just stop at Microsoft patching either. Trend Micro Vulnerability Protection supports up to 300 third-party applications (Java and Adobe included).

In 2016, Trend Micro averaged 57 days of protection ahead of a vendor patch for customers using their solutions.

In 2016, Trend Micro Zero Day Initiative (ZDI) reported the most verified vulnerabilities, with 52.2 percent of the global total of 1,262, according to a Frost & Sullivan report.

Below is a brief outline of the most high-profile recent outbreaks and how Trend Micro and Secon Cyber can help protect you against similar threats in future:

WannaCry

The patch for the SMB vulnerability that WannaCry exploited was available for 59 days prior to the outbreak.

Many organisations were caught out, and the outbreak had a very high profile in the media.

With Trend Micro and Secon Cyber:

  • With Trend Micro XG deployed, machine learning prevented the malware even though no pattern file was available.
  • Vulnerability Protection prevented infection by shielding the vulnerabilities utilised by WannaCry.
  • With our Managed Detection and Response Service, a customer who had not yet utilised the above two was able to contain an outbreak within 10 minutes with minimal impact on their organisation. Our service detected malicious behaviour at 1:31 pm. By 1:34 pm we were on a remote session with the customer troubleshooting. By 1:41 pm we had contained the outbreak and helped with the cleanup and restore process.

NotPetya

NotPetya exploited the same SMBv1 vulnerability as WannaCry did, as well as other Microsoft vulnerabilities. Trend Micro shows that even a major, high-profile, high-impact outbreak didn’t encourage enough organisations to patch faster. Organisations that were impacted suffered significant financial loss, as the rate at which it spread resulted in one organisation having all endpoints globally encrypted within 90 minutes.

With Trend Micro and Secon Cyber:

  • With Trend Micro XG deployed, machine learning prevented the malware even though no pattern file was available.
  • Vulnerability Protection prevented infection by shielding the vulnerabilities utilised by NotPetya.
  • With our Managed Detection and Response Service, we would have detected the outbreak within minutes, thus minimising the potential spread.

For more information please don’t hesitate to email us at hello@seconcyber.com or call us on 0845 567 8777.