Practice Two: Maintaining Cybersecurity by Keeping Systems Up to Date
System Updates
Notifications about software updates are now familiar occurrences. They may seem to appear at the most inconvenient times, but they should not be ignored. Ignoring them leaves your online devices vulnerable to cyberattacks. Cyber threat actors are opportunists who are looking for an easy way onto your network.
The most common way an attacker gets onto a system is by exploiting a vulnerability. The vulnerability can be a software application with a flaw that an attacker can use to gain access, a misconfigured firewall, or a user who clicks a link in an email that surreptitiously installs software, opening a back door. These tactics can result in the attacker gaining a presence on a network. Once an attacker has connected to a system, they are effectively sitting at a desk in the office. Their next step is to find a user account that has the permissions to launch the attack.
An organization can reduce the likelihood of a cyberattack by preventing an attacker from having a presence on its network. Since most attacks start with an exploited vulnerability, organizations should start by minimizing those vulnerabilities, which means keeping their systems up to date. Key ways to help keep your organization’s systems up to date include:
- Using automated patching wherever possible.
- Always visiting vendor sites directly when manually updating software rather than clicking on advertisements or email links.
- Avoiding running software updates while using untrusted networks, like in an airport or a hotel.
- Making security awareness part of the culture.
What Do Software Updates Include?
An update can include new software to replace outdated versions, system updates, such as improved security software, utilities updates and new drivers. Software updates can also include patches for performance and security issues. It is essential for organizations to be prepared and enable automatic updates where possible, replace unsupported systems and test and deploy available patches quickly.
End-of-Life
When software has reached end-of-life (EOL), updates will no longer be released for the application. Continuing to use EOL software poses a threat to your system because an application that no longer receives security updates and patches is vulnerable to attack. The Cybersecurity and Infrastructure Security Agency (CISA) recommends that users and administrators retire all EOL products.
Prevention and Protection
Rather than waiting for a cyberattack to happen, taking proactive steps to implement cyber readiness practices can help prevent an attack in the first place. Francis also shared this insight: “The overwhelming majority of cybersecurity insurance claims are things that could have been prevented and organizations had the means to prevent.” He lists updating and patching systems among the preventive steps organizations can and should take.
Addressing an audience at one of the Travelers Institute’s recent cybersecurity education programs, Val Cofield, Chief Strategy Officer of CISA, challenged organization and IT leaders to mitigate known and exploited vulnerabilities in their public-facing systems within 48 hours. As part of her challenge, she also spoke about the need to eliminate all default passwords from administrative accounts and public-facing systems, as well as eliminating all EOL assets supporting essential services or public-facing systems.
No matter how tedious routine updates may seem, they are a necessity. Taking advantage of automatic updates, and implementing them regularly, is one of the most important steps you can take to protect your network and devices.