Cyber Security Incident Response – Zero-Day Linux Flaw Demonstrates Need Now More than Ever

Zero-Day Linux Flaw Demonstrates Need for Cyber Security Incident ResponseThe recent discovery of a long-standing critical flaw in the Linux kernel has potentially left millions of end-users vulnerable to a cyber-attack. While the discovery of the flaw was recent, it turns out the vulnerability has actually been present in the code since as early as 2012. This means that for approximately 4 years, attackers have had the ability to gain privileges on affected devices. This serves as another candid reminder of the critical importance of a quality cyber security incident response strategy.

The number of devices that could potentially be impacted by this recent flaw could stretch into the tens of millions, since it affects any operating system that has Linux kernel 3.8 or higher, including both 32-bit as well as 64-bit. Of even greater concern, however, is that it also affects Android versions KitKat and above, which indicates that nearly 66% of all Android devices are currently exposed to the critical flaw.

So, what, exactly is the impact of the newly discovered zero-day Linux flaw? Well, for starters, local access on any Linux server is all that a would-be attacker would need in order to exploit the problem. If successful, the attacker would be able to gain root access to the end-user’s operating system, enabling them to view private information, delete files and install additional malicious applications.

One of the reasons this breach is so newsworthy is because flaws in Linux kernel are typically patched immediately upon detection. For this reason, Linux-based operating systems have long been considered to be among the most secure. The zero-day vulnerability has been present for almost 4 years, leaving any individual or business that uses a Linux server exposed to potential cyber-attacks.

The good news is, the Linux team is now aware of the issue and has made assurances that a patch is in the works. It also doesn’t appear that any would-be hackers have yet attempted to take advantage of the flaw. What this does point out, however, (with glaring obviousness) is yet again how incredibly critical it is to have an adequate cyber security incident response plan in place.

Too often businesses in particular account for only one piece of the security puzzle. They invest tens to hundreds of thousands of dollars into monitoring systems, assuming that this alone will be enough to keep them ahead of potential attacks. Unfortunately, given the fact that these monitoring systems must be manned by humans, coupled with the volume and complexity of incoming threats, the chance of a serious attack being missed is alarmingly high. This is precisely what occurred in the Target breach of a few years ago.

The solution to this dilemma is fortifying the cyber-security incident response strategy with an automation tool. This removes the human element from the process. Technology can then handle the daunting task of assessing, verifying and prioritizing every legitimate threat that comes in. The automated tool will then execute the appropriate next steps, right through the final resolution, completing the process and closing the loop.

Thankfully this particular flaw was identified and addressed by one of the “good guys,” but make no mistake – had it been discovered by an attacker first, the outcome would have been potentially devastating. Like it or not, we are all at risk of a potential cyber-attack, especially businesses. Taking a proactive approach by developing, implementing and solidifying a strong cyber security incident response plan is absolutely critical in order to keep systems – and all the important sensitive data contained within – safe from a potential breach.

Is your cyber security strategy as strong as it should be? If you’re not absolutely confident that it is, the time to act is now, before you fall victim to an online attack. To start your free 30 day trial, click here.





eBook: 5 Reasons You Should Automate Cyber Security Incident Response




Overcoming the Myths About Robotic Process Automation

Overcoming the Myths and Misconceptions about Robotic Process AutomationRobotic process automation is certainly not a new concept. Yet, for whatever reason, it’s still surprisingly misunderstood. In fact, many highly educated individuals fail to understand just what RPA is and, more importantly, the many benefits it can potentially have for their organizations. If you’re new to the term or you’d just like to learn a little bit more about it, here’s what you need to know.

Robots are not humanoid.

Perhaps the biggest misconception surrounding robotics process automation is that it involves actual robots, like the famed movie character from the 70’s, C-3P0. This misunderstanding has a lot to do with the theory that RPA is meant to eliminate humans from the workforce. In reality, this type of robotics is merely software that can perform manual processes and workflows without the need for human input.

RPA is not here to make humans obsolete.

Another common mistruth about RPA which is driven primarily out of fear is that the technology behind this process is meant to create a human-free workplace. While automation certainly does change the way people work, it won’t necessarily replace them, at least not on every level. Actually, as manual tasks are shifted to RPA, new opportunities will emerge. It’s really all just a matter of perspective and maintaining an open mind.

Robotics can allow you to do what you previously could not.

One of the greatest areas of benefit RPA provides is in the ability to essentially do more with less. Keeping up with increasing demands and staying within a strict budget are challenges that many IT leaders must deal with on a daily basis. As needs increase, the ability for existing staff to handle the demands becomes less feasible. Furthermore, significant fluctuations in workflow can be an incredible burden to bear. Robotic process automation allows complete, real-time scalability to handle any situation.

RPA can be leveraged in almost any industry.

Finally, let’s address the misconception that robotic process automation is reserved only for certain fields. For instance, many mistakenly believe that RPA is really only useful for those in financial related organizations. While this technology has certainly made quite an impact in this area, it’s something that can effectively be leveraged in virtually any industry. All it takes is the vision and desire to streamline operations and making the conscious choice to overcome the many myths to see RPA for the powerful and positive tool it truly is.

Are you this visionary for your organization? Take that first step by downloading your free 30 day trial and start experiencing the many incredible benefits robotic process automation can have for your business.





IT Process Automation Survival Guide




Incident Response: What Could a System Outage Mean to Your Business?

What Could a System Outage Mean to Your Business?

We hear about them all the time. Most of us have probably experienced them personally. We’re talking about system outages, and the downtime that typically follows. But do we really understand what these incidents mean and, more importantly, how without the right incident response plan they can ultimately impact an organization’s bottom line? The answers may surprise you, and not in a good way. Let’s take a look.

Causes of System Outages

Outages can be categorized into two areas: planned and unplanned. It’s the latter of the two that has the biggest impact on businesses. But what causes these types of situations? What triggers a system, database, hardware or software down time? According to the IT Process Institute’s Visible Ops Handbook, some 80% of unplanned outages are caused by people and poorly planned/executed processes. Furthermore, the Enterprise Management Association reports that 60% of failures come as a result of manual configuration errors.

What’s the common denominator here? The answer is simple. Humans. The truth is, even the most highly skilled and well-trained IT professional has the potential to make a mistake, and even the tiniest of errors can result in critical systems going down. They’re also not at all uncommon. In fact, recent studies indicate that the average organization experiences about 4 outages per year. Approximately half of all organizations surveyed also indicated that they’d experienced at least one complete network outage each year.

Impact of System Outages

The ultimate impact an outage will have on the IT department and, in most cases, an organization as a whole typically depends on the type of outage as well as how long the subsequent downtime lasted. Generally speaking, the average length of an unplanned outage is somewhere around 1 hour and 18 minutes.

Depending on what systems went down, this could mean loss of productivity for one department or the entire company. It could also extend to external sources, such as a network outages that impact customer interactions with an organization. For example, if Amazon.com went down, not only would internal operations suffer, but the loss of revenue from potential online sales would be massive.

Without the right incident response strategy in place, the results can be disastrous.

Costs of System Outages

So, what does this mean in dollars and cents? Well, a significant outage can cost an organization on average $12,250 per minute. Yes, you read that right. Annual losses top out somewhere around $3.9 million per organization. Another thing to consider is the fact that system outages can also result in a costly loss of critical data, the exact impact of which can only be measured on an individual basis, depending on what information was lost.

This is why it is absolutely critical that businesses take the appropriate measures to avoid potential outages and, at the very least, have a plan in place to limit the amount of downtime as much as possible. Experts agree that the best strategy is to design and implement a strategy that leverages all of the available technology, particularly IT automation, which takes most of the human element out of the process and ensures a more timely and accurate response to potential incidents. In fact, with the right tools in place, downtime can be reduced by up to 90%. One only needs to look at the potential costs of extended periods of downtime to recognize how impactful such a reduction can be.

The truth is, despite our most valiant efforts, IT systems inevitably fail from time to time, whether it’s due to a simple misconfiguration or a process that wasn’t executed properly. The key is to take the appropriate steps ahead of time so that if and when a critical incident occurs, the results will be as low-impact as possible.

To learn more about how automated incident response can protect your organization from lengthy and costly system outages, click here.





How to Get Critical Systems Back Online in Minutes