US Cyber Command is warning companies to immediately implement a critical patch for a potentially devastating security vulnerability in a number of Palo Alto Networks products. Affected products include its firewall and VPN application, which have been in wider use since the onset of work from home in March. According to the alert, the vulnerability is related to the company’s implementation of Security Assertion Markup Language (SAML). If exploited under certain conditions, it could give a hacker administrator-level access to a corporate network without requiring the administrator’s login information.
The rise of business disruption-type breaches, which most commonly take the form of ransomware, is driven by several factors. One such factor today is the increasingly complex threat environment created by the rapid acceleration of digital transformation and remote work. This vulnerability is a perfect example of the serious risks facing corporate networks, as a single flaw could lead to a global shutdown of operations if exploited successfully.
It also calls attention to the critical importance of cyber policies and processes that dictate how identified vulnerabilities like this get patched. Company A, which has invested in the latest and greatest technology, is no safer than Company B with inferior technology if Company A does not properly manage that technology, including maintaining a strong patching cadence. This is why Cyberhedge data indicates that the difference between good and bad cyber governance stems not from the technology a company has but from the management of that technology.
This is an inconvenient truth for a cybersecurity industry that thrives on the notion that buying more product is equal to stronger security. But the facts contradict this idea, as 53% of attacks occur undetected and 80% of tools are underused at default settings. Management—including policies and processes tied to patching critical vulnerabilities—is a difference maker, especially in this era of remote work.