What does patch management do?

Patch management is critical

  • Security measures against threats

    Increasing compliance requirements and European directives such as the GDPR or the NIS directive for critical infrastructures have already significantly advanced the implementation of cybersecurity measures in companies. However, companies often meet only the minimum requirements, while attackers have extensive and sophisticated options for gaining access to company networks. Medium-sized companies, for example in the manufacturing industry or in the healthcare sector, are the focus of hackers: using ransomware attacks, cyber actors can paralyze entire production lines or take hospitals offline. In these sectors the damage after an attack is particularly great, as such attacks have enormous economic effects and affect a large number of people. Hackers are particularly interested in medium-sized companies that are economically successful but do not have the same comprehensive security measures as large, listed corporations.

  • Almost no expert knowledge is required any more

    Cyber criminals are increasingly attacking manufacturing companies in Germany with forged invoices, according to findings from Proofpoint. The attackers either send fake invoices as bait, or the e-mail contains a link to a website where the fake document is available for download. The documents are infected with the remote access Trojan NanoCore. According to Proofpoint, the attachments contain a compressed executable file (with a ".Z" extension), while the malicious links induce the recipient to download the malware hosted on onedrive.live.com.

  • Five immediate measures to harden the system

    Guardicore is issuing security recommendations for the end of support for Windows Server R2, Windows Server 2008 and Windows 7. As of January 14, 2020, users of these Microsoft operating systems will no longer receive free security updates and online updates. Without security-relevant updates, the affected IT systems are no longer protected against newly discovered vulnerabilities. Although some of the operating systems mentioned are already over a decade old, it is estimated that Windows Server 2008/2008 R2 alone is still in operation on almost every third server worldwide. Many organizations cannot upgrade to the latest operating system versions because they are subject to complicated legal and certification requirements, or simply do not have the necessary budget. Bridging solutions are therefore in demand, not least to support time-consuming migration processes.

  • Interception and manipulation of emails

    Email is the number one means of communication. Companies have a duty to deal with email security, as they communicate both internally and externally. Data breaches and data thefts are reported almost every day: strangers gain access to the internal company system, unfortunately very easily in some cases, and access or manipulate data. Simple, unencrypted e-mails therefore pose a fundamental risk: they are similar to a postcard, the contents of which anyone can read. "Because if e-mails are neither digitally signed nor encrypted, the content can not only be spied on, but also manipulated. Since attacks of this kind are usually not visible or detectable, e-mail security is unfortunately, as before, often neglected. How often and by whom e-mails are read, nobody can see," warns Patrycja Tulinska, CEO of the PSW Group.

  • New location and new BC / DR strategy?

    The distance between geo-redundant data centers should be at least 200 km. The BSI has been recommending this since this year. This poses problems for many companies, as the previously recommended distance was just five kilometers. This short distance allowed operators to mirror their data centers synchronously via HA systems. However, this is no longer possible at a distance of 200 km: the latency between the locations is simply too high to protect organizations against system failures with traditional high availability and backup solutions. What can companies do now to protect their IT against logical errors or ransomware attacks, for example, in order to guarantee minimal data loss and short downtimes? The new minimum distance between data centers providing georedundancy, recommended by the BSI (Federal Office for Information Security) since December 2018, represents a turning point in many respects. It fundamentally calls into question the use of synchronous mirroring and thus has a direct influence on how data centers are operated in this country. Anyone who operates a "critical infrastructure" is even forced by the legislature to follow the recommendation. And those who are unlucky enough to be part of an industry association that follows the recommendations of the BSI, such as members of the banking industry (BaFin), also have no choice. All these organizations have to react to the decision and bring the distance between their data centers to at least 200 km.