The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 13 new vulnerabilities to its list of security errors known to be exploited in December, including Apache Log4j and Fortinet FortiOS bugs. They advised that organizations apply the available patches for these bugs as soon as possible. CISA stated: “These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise.”
According to the Ponemon Institute, 57% of data breaches are attributed to poor patch management, and 74% of companies can’t patch fast enough because they don’t have enough staff (Service Now + Ponemon Institute Study.) This creates a serious gap in cybersecurity for an alarming number of organizations.
Up-to-date patching is a critical component of cybersecurity, but there is more that can be done to protect your networks. Actively looking for the exploit and then validating any patching or misconfiguration work as successful gives you comprehensive coverage by creating checks and balances.
Consistent and timely patching is important to the overall health of your devices and strengthens the overall security of your environment. RAVENii’s Vulnerability Management solution will validate that any patches applied and/or misconfigurations fixed were accepted and successful. We will scan your environment to identify vulnerabilities in your normal operations. Any inconsistencies will be evaluated to determine whether or not they pose a risk to your business. These risks will then be communicated to you and together, we will deploy a plan of action to mitigate the threat or vulnerability.
Also, our Managed Network Security Monitoring Service can identify Zero-Day attacks and other anomalies that would indicate whether the above mentioned Log4j vulnerability is present and a threat.
RAVENii strongly encourages everyone to remain vigilant and stay current with patching. If you need advice or assistance with your patching program or other cybersecurity concerns, please give us a call at 844-317-0944. We are here to help!