It seems that with each passing day we see another story of a cyber security breach. After doing some research, I found that each day we in fact have nearly two.
According to research published by the Identity Theft Resource Center (ITRC), there have been a total of 5029 breaches since 2005, and 34.3% of those were directed at the business sector. Of the total, 29% happened as a result of a hack. Of course, every SAM Manager knows that a hacker is somebody who seeks out and exploits weaknesses in a computer system or network. This suggests the weakness may be at least partially the result of businesses failing to keep all of their corporate IT systems, including computer software, updated with the latest security updates.
Because of the almost Business As Usual (BAU) approach, we now have a playbook from which businesses normally work. It typically looks like this:
- Hacker gets access to a company network – usually via malware (we’ll come back to this)
- The company is told by a third party it got hacked
- The company hires the “best company possible to research the extent of the breach”
- The company says X thousand/million customers were impacted, but
- Don’t worry – we’ll give you credit monitoring for one year
As a consumer, I'm growing frustrated with card replacements and having to constantly change online account information. However, what I am growing tired of is how organizations do not seem to be doing enough to proactively protect me (and themselves) from these hacks (often via malware).
In the recent data breach involving TalkTalk, it has been alleged that they have been hacked three times this year. Now, while it does take time to conduct an analysis to determine the impact and learn how the hackers got their access, it seems as though TalkTalk did not have the controls and processes necessary to protect itself, and more importantly its customers, from this hack.
As the world moves off Windows XP, which no longer receives security updates, devices still running XP and older (and often unused) applications are ripe for malware. What does this mean to the SAM Manager? The SAM Manager is in a unique position to monitor software installations and, working with their wider teams, ensure that software is kept up to date. However, what they may lack is a simple tool to help them identify the two key areas that may lead to a data breach.
What is a Software Manager to do?
The Australian Government recently published a document showing that there are four key controls any organization can implement to mitigate at least 85% of intrusion techniques. The four controls are:
- Application Whitelisting
- Patch Applications
- Patch the Operating System
- Minimize Administration Privileges
Further, the SAM Manager may want to consider surveying their estate for unused software titles. As unused software has not been patched, the question is whether you should spend the time patching those applications or simply remove them if they are not used. By removing unused software, you remove risk both from a security standpoint (unpatched software) and from a liability standpoint (in the event some of that unused software is unlicensed).
1E has created a tool to assist you with both efforts. The 1E Software Lifecycle Intelligence Dashboard, available free of charge, will provide the information you need to run your business more securely and reduce risk. The Intelligence tool runs from your local machine – not the cloud – so this data stays under your complete control at all times.
Be the SAM Manager superhero. You may not be able to stop every security threat, but you can close the easy entry points, collect the data you need to save your organization money, and help protect your (and my) personal data.
This article was contributed by Peter Beruk of 1E. Peter has been in the IT Asset Management (ITAM) space for over 25 years. During that time, he has worked for software vendors including McAfee (now Intel), and vendor-focused trade associations including BSA | The Software Alliance. At 1E, Peter is an ITAM Subject Matter Expert and is also now secretary of working group 21 (19770). You can get in touch with Peter at firstname.lastname@example.org.