The recent Equifax hacks and other high-profile cybersecurity breaches emphasize the need for proactive cybersecurity practices. Avoid cybersecurity failure by preparing to be secure with essential patch management updates.
The prudent advice Benjamin Franklin shared with the world is just as valuable today as it was nearly 200 years ago. It is valuable to individuals and corporations, in all aspects of life, across many cultures and industries. Ben never saw a computer; however, his advice is highly applicable to today’s cybersecurity preparedness challenges.
“Diligence is the mother of good luck.”
In a letter to the Wall Street Journal, Equifax Interim CEO Paulino do Rego Barros Jr., admitted, “We were hacked. That’s the simple fact.” Equifax wasn’t diligent with software patching and faced some serious consequences because of it.
“An ounce of prevention is worth a pound of cure.”
Equifax isn’t the only entity that has been hacked in recent times with serious consequences. Unfortunately, it’s a high-profile example of what is happening globally.
It will take years, if it is even possible, to repair shattered trust, data and financial loss because of these breaches.
“By failing to prepare, you are preparing to fail.”
Four basic steps need to be taken as part of any patch management program:
- Inventory. Inventory assets (devices, computers, equipment, tablets, smart phones, etc). This includes any asset that has software or firmware, any kind of intelligence or any connectivity to the outside world. Don’t overlook the less obvious ones like USB drives, smart TVs, game controllers, etc. Any device that can reach sensitive data should be included.
- Baseline. Get a list of the software or firmware on each of those assets. Know what ports are supposed to be open. Know what user accounts are on the devices.
- Monitor. Proactively track all updates, news, security alerts, and patches related to the assets and their software.
- Install. Follow through with timely installation of security patches. If a patch can’t be installed for some reason, take other measures to mitigate any residual risks.
“Distrust & caution are the parents of security.”
Anticipate expanded cybersecurity requirements in your own firm, especially if your industry is heavily regulated. Hacks aren’t limited to financial services companies.
Conclusion: “Never leave that till tomorrow which you can do today.”
Get up to date on your patches today! Start strategically assessing your discipline for tracking your assets and applying patches. Put measures in place to inventory and baseline assets, to regularly monitor for updates and then install them. The reality is if good patch management practices are followed most hacks can be averted.
What would Ben Franklin have to say about the Equifax breach? No doubt he would have some cleverly-worded advice about diligence for making the world a more cyber-secure place.