Good news! More bad news.

/in /by

CISA (Cybersecurity and Infrastructure Security Agency) is an organization that was established to help fight against cyber crime. As this group learns and collects data on the different types of crime, they update their Known Exploited Vulnerabilities catalog (KEV).  The KEV is updated often; just in June CISA updated the catalog 49 times. How often are you updating the key points in your digital infrastructure, and what are the metrics you’re using to do all of this by?

That’s a lot to ask of the average person (the average person being someone not in IT). And so there are many companies and programs that automate these various updates. Instead of taking a look at all or many of the areas you could be updating regularly, let’s take a look at one: patches.

First, before we talk about updating and managing patches, let’s make sure we understand what a patch is. Patches are basically the updates to software, operating systems, and certain hardware systems that typically address security issues and vulnerabilities within the application. When your computer notifies you that it needs to Restart to apply updates, it needs to install the latest security patches. Now that you know what they are, let’s talk about managing them.

The pros of automation is that you can set it and forget it. The cons of automation are that you can set it and forget it… until it kicks up a bunch of red flags. Recently a patch was released and some companies and federal agencies implemented it without first testing it. This caused major internal issues like problems with authentication, which meant employees couldn’t login to the services they needed to do their work.

Some basic steps to help avoid issues (but will require you to do more work) are:

  • Make sure you have a current list of ALL software and OS in use.
  • Set up rules and procedures for patch management.
  • Keep up with new patches.
  • Before you implement them throughout, test all your patches.
  • Always have a backup of working editions.
  • Make sure your patches are downloaded from secure sources.
  • Keep a patch management or configuration management log.

If you’re having issues with things like this, don’t go at it alone or trust just anyone. Betterchips Consulting can help keep you compliant and manage tasks like this properly. With decades of high level experience, we understand how important it is to not only keep you safe from outside attacks, but also keep you safe from the things meant to protect you.

You might also like
Convergence of Business, Legal, and Technology
Don’t get caught!
A Pile of Complex Technology ContractsFiling it won’t fix it.
Sorry Wrong Number, Let’s Be Friends
Is “The New Normal” putting your business at risk?
Does your network trust no one?
A hand selecting the image of scales from a row of icons.Optimizing Legal Practice Management: A Comprehensive Guide for Law Firms, Attorneys, and CPAs on Managed Service Providers (MSPs)
Betterchips - Technology Know-howHappy holidays from your international cybercriminal syndicate

We Identify, Interpret and Remedy Complex Technology Casework, Matters and Incidents for Professionals and Business Stakeholders.

Site Navigation

Products and Services
About Us
Careers
Case Studies
Blog
Contact Us

Legal

Terms of Service
Privacy Policy

© Copyright – Betterchips Consulting Corp. – All rights reserved.
Disclaimer: Betterchips Consulting Corp. is not a law firm and does not offer or provide legal advice or service of any kind. If requested, we may be able to provide an attorney recommendation.

Happy holidays from your international cybercriminal syndicateBetterchips - Technology Know-howA Pile of Complex Technology ContractsFiling it won’t fix it.