Another takeaway from Cyber Awareness Month in 2023 that you should be discussing as an organization, is the importance of patching and updating software.
You probably get those emails from your IT department or your managed service provider to remind you to run an update on the software your devices are running or any other third-party services. Those updates are meant to bug you to run them, so your computer and network doesn’t wind up with a bug of its own. Installing patches and software updates is vital to your cyber resiliency and avoiding what could be a costly cyber incident.
In SecuLore’s webinar this past month, What Can I Do About Zero Day Exploits? their cyber experts talked about the importance patch management plays in your ability to reduce the impact of critical issues such as zero-day vulnerabilities and exploits. While patch management CANNOT prevent zero-day attacks, it CAN significantly reduce your exposure window.
We’ve seen the impact zero-day attacks can have on networks in vulnerabilities in highly used coding such as Log4J and the Log4Shell vulnerability, and the third-party file transfer app, MOVEit, in its vulnerability this year. Zero-day vulnerabilities are inevitable; you don’t want to add to that risk by putting off running those software updates and installing patches.
Here are some other best practices to follow when it comes to running updates to help with your cyber resiliency:
- Watch for notifications
- Install updates as soon as possible
- Turn on automatic updates
When it comes to taking care of your Exacom logging recorder, there are two areas to consider for patches and updates:
The above content was repurposed, with permission, from the blog post “Cybersecurity Awareness Month 2023: Key Takeaways” by SecuLore