- May 14, 2021
- Posted by: Pat Riot
- Categories: CyberSecurity, Security Operations
We all groan when we see there is an update/patch that needs to be done on our computers. “How long is this going to take”, “What changes are going to break my computer again”, “I don’t have time for this” are all common complaints we think and say out loud. Just like most people that have these complaints, they click the easy button to remind them later because even though we need to apply updates and patches, we don’t want to be interrupted to do it now. We continue these actions to delay until we get frustrated and click ignore completely just because we just don’t have time for that right now. We are all busy dealing with customers, employees, running our company, and dealing with much bigger issues when we get notified that an update that needs to be done. It never happens when it is convenient to our daily schedules but the device that needs the update is the very thing that keeps us engaged with our customers and keeps our businesses running making it a core part of our businesses.
I think all of us have heard in the news recently about the Cyber Attack on the Colonial Pipeline that impacted the entire east coast because it impacted everyone’s ability to get fuel for a few days. What most people do not know is that the cause of that Cyber Attack was an unpatched email server which left them open to the attack. That unpatched computer did not interact with systems that run the pipeline but because no one knew what the attackers had compromised, Colonial Pipeline shut down not only their backend office computers but also their operations systems that were running the pipeline. This resulted in a shutdown all because a simple update wasn’t done and disrupted gas to the entire southeast of the United States. From several press releases, Colonial Pipeline did a complete cybersecurity assessment of their systems and however did not find any additional weaknesses that they reported. After several news reports, they paid the ransom but took a parallel path to get an assessment completed. Restoring data from backup is the best way to recover from a ransomware attack however that process can be slow if not tested. As of the end of this week, the pipeline has been restored to service. The consequence from poor cyber hygiene comes in the form of bad press, lost revenue, and federal agency involvement. As a consumer with operations restored as of this week, we shouldn’t have to run around to multiple gas stations to find fuel. All of this could be avoided with better cybersecurity operations and oversight of IT.
For larger companies, many have dedicated resources that are able to restore services relatively quickly but what about the majority of small to midsized companies out there that don’t have the resources. As we see, some put cybersecurity tools in place to prevent these issues from happening however never go back and look at them again after they are installed. What good are those tools and why spend the money?
That is exactly the problem we solve. We take the burden of figuring out what cybersecurity tool to use and make it easy for our customers. This allows our customers to meet compliance or just have relief knowing that their devices are up to date on updates, patches, and have monitoring to detect when a bad actor tries to get into your devices. Looking for security events 24/7 combined with monitoring several threat feeds to ensure that we have the latest information to ensure our clients devices, company and reputation is protected so you don’t have the same bad press. For more information on how we can help you and your company please visit our website at https://steelpatriot.wpengine.com/ or email [email protected].