Security measures are never foolproof. No matter how many precautions companies and users take, threat actors always find a new point of entry to exploit. Identifying and fixing vulnerabilities requires time, and there lies one of the greatest challenges — deploying sound fixes within a tight time constraint.
Cybersecurity threats are constantly escalating and the current landscape means the majority of successful cyber attacks exploit well-known vulnerabilities that can lead to system breaches and loss of sensitive information. The time between discovery of a system vulnerability and the start of malicious exploits is getting shorter, often a matter of hours before attempted attacks. Increasingly complex enterprise networks, use of bring your own device (BYOD) and other protocols for higher productivity, and the broader array of applications and devices leveraged for business use also provide a larger target for compromise.
The electric utility industry is built on a foundation that requires an ultimate level of security to operate effectively. As hackers multiply and their level of sophistication increases rapidly, the electric utility industry must also evolve its cybersecurity defense capabilities. A recent survey of 140 North American electric utilities found that 88% of respondents expect cyberattacks to increase within the next 2 to 3 years. That figure is meteoric and most likely slightly distressing for those bulk power system (BPS) operators that haven’t gotten up to speed on patching their software vulnerabilities quite yet.
As of October 4, ever more damning information continues to surge out of the Equifax investigation. The total number of affected American consumers has hit 146 million, with the former-CEO laying blame on a single employee for not implementing a security patch that would have plugged a vulnerability in Apache software (which itself was patched by the vendor 2 months prior).
The WannaCry attacks reached a record high in this past week and the root cause of the chink in the Cybersecurity amour can be traced primarily back to lack of active Patch Management. Active Patch Managementreduces attack surface & improves security posture. Reinforce this essential link in your holistic Cybersecurity chain.