For as long as anyone can remember, cybersecurity has been a game of whac-a-mole where resources are hopefully marshaled in time to thwart a threat either before damage is inflicted or, at the very least, as quickly as possible once a breach is discovered. However, there is trouble with that approach. It tends to prioritize the cyberattack that someone has launched rather than focusing on actual prevention.
As managed service providers (MSPs) know, the reason these attacks are being made in the first place is usually because a stolen credential is making it possible to inject malware into an IT environment. This leads to the exploitation of one or more vulnerabilities.
After decades of building and deploying flawed software, organizations are finally giving more attention to addressing the root cause. Application developers are making concerted efforts to build more secure software. This should reduce the number of vulnerabilities that inadvertently find their way into applications.
Addressing persistent vulnerabilities
The challenge is that the number of vulnerabilities that exist in applications is too numerous to count. An analysis of applications deployed in enterprise IT environments conducted by Veracode, a provider of tools for discovering vulnerabilities, found that 42 percent of applications contained flaws that remained unfixed for longer than a year. The report also finds that nearly half of organizations (46 percent) have persistent, high-severity flaws that constitute ‘critical’ security debt.
These flaws are not actively being addressed. It could be that the development team that builds the application doesn’t have the time or inclination to build or apply a patch. It could also be the IT operations team is concerned that if they apply that patch, the application might break. Naturally, this creates an opportunity for MSPs to create, test, and apply patches to remediate those vulnerabilities in a way that won’t disrupt the application environment. The challenge is that delivering that service requires an MSP to meld application development and cybersecurity expertise together.
Embracing automated patch management
Fortunately, thanks to the rise of generative artificial intelligence (AI), building and testing patches is much simpler. At the same time, organizations are willing to rely more on automation to apply them. Yet not every patch represents the same level of risk. For example, there is a greater willingness to automatically update an operating system than there is to update custom code that an organization may have written themselves.
Regardless of who wrote the code in question, it’s never been more important for organizations to ensure they are up to date with the software they employ. Often, organizations are victimized by malware attacks that would have been prevented if they were not running outdated versions. These vulnerabilities may exist in systems that have received updates but have not installed them to remediate the issues.
There will always be a need to whack the latest mole. As the focus increasingly shifts to fixing the root cause of the cybersecurity problem, there will come a day soon when the odds of winning the cybersecurity services game are much better than they are today.
Photo: mujijoa79 / Shutterstock
