It was a week of securing, testing and reporting on cybersecurity vulnerabilities. In terms of securing, things at Oracle this week got a bit patch-y (in a good way). The tech behemoth on Tuesday announced that it has issued a critical patch for a whopping 308 vulnerabilities across 90 products, making it the company's biggest update ever (as reported by Threatpost).
Oracle E-Business Suite was the biggest focus point for the update, accounting for more than 120 of the vulnerabilities addressed - 118 of which are remotely exploitable. One of the flaws in particular allows attackers to download sensitive business documents and configuration files without authentication.
It has been a bit of a crazy year for Oracle. So far in 2017, the company has apparently patched 878 vulnerabilities through three CPUs. Woof. Oracle isn't the only one feeling the sting, though. The WannaCry and ExPetr bugs exposed vulnerabilities like never before, throwing into sharp relief just how much the industry is still extremely far behind in terms of patching.
“Since the April 2017 Oracle CPU, the world has been rocked by global malware attacks that exploit well-known flaws that have readily available fixes,” said John Matthew Holt, CTO of Warwatek. “Overburdened and under-resourced security teams simply cannot apply physical patches fast enough to stay ahead of the attackers.
Holt also mentioned that businesses continue to rely on legacy applications that can’t be patched or upgraded, creating yet another avenue of attack. It's a constant race - hackers continually finding flaws to exploit and cyber professionals desperately trying to find/plug those holes before they do.
However broken record-y it may be, this is yet another opportunity to educate all end users. With the ever-changing and evolving threat landscape, it's something that must be done regularly. Exhaustively. Software must be kept up-to-date and patched. Basic and recent scams and phishing techniques must be gone over. The buck doesn't stop with the expert - effective security takes the entire village, providers and users alike.
For the testing portion of the week, we look to Asia. On Tuesday, more than 200 participants from all designated Critical Information Infrastructure (CII) sectors in Singapore took part in a cybersecurity exercise put on by the Cyber Security Agency of Singapore (CSA). CII refers to the group of sectors that are in charge of delivering essential services in Singapore, such as Government, infocomm, energy, aviation, maritime, land transport, healthcare, banking and finance, water, security and emergency, and media (according to Channel NewsAsia).
The exercise involved series of scenario planning sessions, workshops and table-top discussions. Participants were taken through simulated cybersecurity incidents, such as a malware infection or a large-scale distributed denial of services (DDoS) attack, and were tested on their incident management, response and remediation plans.
Chief Executive of CSA David Koh stated that the exercise provides a great deal of insight, and an huge opportunity to bolster/strengthen each sector’s incident response plans. “With greater interconnectivity, and proliferation of cyber threats, the ability of our critical sectors to respond promptly to attacks is vital,” he said.
Deputy Prime Minister and Coordinating Minister for National Security Teo Chee Hean also weighed in, touting the importance of being over-prepared. "This is a good opportunity for us to level-up our capability and make sure that we're as ready as possible," he said. “In this field, things evolve very, very quickly. You may be ready today, but may suddenly come up against a zero-day attack which you’re not even aware of. We must have a response capability if an attack does happen."
Our final story this week takes a look at a few key takeaways from Cisco’s Midyear Cybersecurity Report. The report takes a broader look at cyber threats, findings and potential trends such as ‘destruction of service’ (DeOS) attacks.
The size and impact of attacks are evolving in ways never seen before, and they're becoming much more intricate. Hackers are getting fancy these days, and the backups and safety nets meant to restore systems and data after an attack just aren't up to snuff. Further, with the age of the Internet of Things, more and more companies are bringing their operations online, which ups the chance of having vulnerabilities.
Dave Gronner, senior manager for Cisco's Security Partner Go-To-Market Global Partner Organization, shared a few key insights and actionable steps for channel partners, taking into the account the current landscape and the report's findings.
- With the limited pool of in-house security expertise available to end customers today, channel partners have an opportunity to serve as billable trusted advisors and help customers manage their security requirements.
- With the expansion of cyber threats, there is a clear opportunity for channel partners to help customers assess their threat risks and develop a strategic plan to minimize risk.
- Threat assessment services and consulting services aimed at building, documenting and implementing cybersecurity strategies will continue to be a growing and profitable opportunity for channel partners.
- Channel partners providing these professional and consultative services help bridge customers’ knowledge and talent gaps by delivering actionable policy and technical next steps.
- Partners will greatly increase their success in security by developing a true architectural understanding of cross-platform solutions and threat intelligence. Achieving the highest level of security for end customers requires providing a layered security approach to address the multi-faceted threat vectors.
- Midsized to large partners should build their security practices as a complement to their existing networking and Data Center practices to provide holistic integrated solutions, while addressing customers’ needs to simplify, integrate, and automate.
- As this research shows, vertical market and company size affects customers’ approach to security. Partners should tap into new opportunities by building specialized practices for specific vertical markets. This strategic advisor role helps the partner establish strong customer loyalty while also creating competitive differentiation.
- IoT has become an extremely important part of many vertical markets. As a result, partners who work in specific industries must take advantage of vendor offers and training to build their competencies in IoT security.
The views expressed in this column do not necessarily reflect the views of Penton Media or The VAR Guy editorial staff.