The Inaugural Ivanti Threat Thursday Update for May 25, 2017
As you may have been following, Ivanti cybersecurity experts have been tracking the WannaCrypt/WannaCry attack since soon after it happened. To help keep you informed, welcome to the Ivanti Threat Thursday Update—a curated compendium of what we’ve read and what we’ve said about the latest cybersecurity threats, responses, and trends. It’s inspired by our popular Patch Tuesday blog posts and webinars. If you find it valuable, we’ll continue to do it as events dictate. And if we miss or misconstrue anything, please let me know directly.
Now, without further ado… This Week in Cybersecurity Coverage:
IDC: Enterprises Need “Patch Independence”
Market watchers IDC released a new report—“Pursue Patch Independence: Latest WannaCry Event Prompts Need for Risk-Based Defenses.” From the abstract: “Worms and malware are not going anywhere. Any new outbreak or rash of incidents should not affect your security program. WannaCry was just another episode in an ongoing sequence of events that reminds us to ensure our security program is effectively doing its job.”
From the news release: “IDC analysts assert that to achieve patch independence, organizations must take a more realistic and cost-conscious strategy that favors more effective approaches and alternatives than available today. Organizations must take a risk-based approach to security that involves evaluating the practices and solutions in all identity, vulnerability, threat, and trust management domains.”
What We Say: It’s true that new solutions and approaches are essential to successful cybersecurity strategies and architectures. However, almost every enterprise can improve cybersecurity dramatically without resorting to a “rip-and-replace” approach to their current environment. For some specific recommendations you can begin implementing today, see “WannaCrypt/WannaCry: 4 Best Practices for Fighting ‘Forever’ Ransomware Threats” and “WannaCry? How IT Asset Management Will Help You Avoid Ransomware Attacks.”
MIT: Inadequate Cybersecurity Investments Create “Inverse ROI”
Michael Siegel is a principal research scientist at MIT Sloan School of Management, and associate director of MIT's Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity. “It became very, very clear [that] the [WannaCrypt/WannaCry] attack and the attack patterns were at older machines and institutions that had not patched something that was available for several months,” Siegel told SearchCIO. “For companies that do it right, they didn't have disruption; they didn't have to consider paying a ransom. For companies that don't do it right, they just learn what it costs to not do it right.”
Siegel added that as technologies improve for both hackers and defenders, more pressure is put on “the weakest link—the human factor.” “I talked to one organization in a phishing exercise to executives. In the phishing exercise, it said, "This is a phishing email. If you click on this link, it will harm your computer." And they still had people click on the link. …When I asked [someone who clicked on the link] what happened, he said, ‘I wanted to see what would happen.’"
What We Say: Technologies alone simply cannot provide perfect defenses against social engineering. Fortunately, significant cybersecurity events can be opportunities to extend and improve user engagement and education. For some specific suggestions, see “Three Things You Can Do Now to Increase User Contributions to Cybersecurity at Your Enterprise.”
Survey: C-level Executives Biggest Mobile Cybersecurity Threat
SC Magazine UK reported on a survey of some 500 CIOs and IT decision makers from the UK, US, France, and Germany. The survey found that “Some 40 percent of [responding enterprises] believe that C-level executives, including the CEO, are the greatest risk to their organisation being hacked, likely to happen while they're working outside of the office.”
“A majority [of respondents] (93 percent) said they were concerned about the security challenges posed by a growing mobile workforce. Nearly half (47 percent) reported they were ‘very’ concerned.” Yet this concern is unevenly distributed. For example, nearly 10 percent of responding enterprises from the UK said they have “no concerns when employees use public Wi-Fi hotspots.” This compares with one percent of respondents from the US and Germany, and two percent in France, the report added.
What We Say: It’s not just C-level executives, and this survey is not just an anomaly. Another recently reported survey of 1,200 IT and business decision makers found that 75 percent of CEOs use applications not approved by their IT departments, for greater productivity. Yet another found that 35 percent of responding cybersecurity professionals admitted to bypassing, disabling, or working around cybersecurity measures at their own organizations. The only effective defense: a combination of multi-layered technologies and pervasive, frequent user education across the entire organization.
How Ivanti Can Help
Beyond the blog posts mentioned above, Ivanti offers a range of technologies designed to help your enterprise fight ransomware and malware effectively. We can also help your organization rein in administrative privileges, implement application control, and patch your critical endpoints and servers. And Ivanti is the only vendor with leading solutions for cybersecurity, asset management, service management, and endpoint and user experience management. Get in touch with us, and let us start helping you make your enterprise more secure, today and tomorrow.