Page 226 - Cyber Defense eMagazine RSAC Special Edition 2025

Perhaps one of the biggest weaknesses the public sector faces is the lack of intentionally proactive
cybersecurity plans. This is largely due to insufficient funding, limited access to cybersecurity
professionals, and an overall lack of documented processes. While many organizations have taken steps
to strengthen cyber protections through cybersecurity awareness training, identity management and
multi-factor authentication (MFA), effective vulnerability patch management is left out. Failing
to prioritize proper vulnerability management through the patching process can open massive security
gaps that create backdoors for hackers and provide a broader attack surface.

Managing cyber risk should be the highest priority for a government entity. The consequences of an
attack could range from disastrous breaches of national security to severe disruptions to critical
infrastructure. As a result, it is crucial for entities to supplement these controls with modern approaches
that leverage vulnerability management, increase threat intelligence and invest in cyber awareness
training for personnel. Local, state, and even federal levels of government are no strangers to working
off of legacy systems, many of which are outdated or lack the flexibility to meet modern needs. In turn,
this makes legacy systems quite costly to maintain and requires even more downtime for routine
maintenance windows.

With extensive systems and networks continuing to be run by fragmented IT teams across
various departments, many offices and outsourced IT contractors find themselves in a particularly
challenging position when it comes to patching vulnerabilities in their operating systems. Coordinating
necessary downtime and repeatedly scheduling maintenance windows threatens daily business
operations and also puts the sensitive data of the citizens who depend on their service at risk. Because
of this, security vulnerabilities can remain unpatched for weeks or even months as tight budgets and
overworked IT teams struggle to keep up with demands. Meanwhile, cybercriminals are given an
all-access pass to cause widespread disruptions that can cost organizations millions, not only harming
day-to-day operations but further reducing public trust.

Currently, the go-to process for addressing security vulnerabilities relies on traditional methods that
manually apply patches and bug fixes during scheduled system reboots. Because of
this, patch management is viewed as a highly disruptive, all-consuming process that is
repeatedly pushed aside. This is where choosing to fight automation with automation in the patching
process can be the difference between a company going under or narrowly avoiding a damaging attack.

Stepping away from traditional methods and switching to rebootless patching, or “live” patching,
especially on outdated enterprise systems, can allow IT teams to significantly streamline the process by
automatically applying security patches in the background as soon as they become available or as soon
as a vulnerability is detected. Immediate patch deployment also eliminates the need for downtime,
minimizing the window in which vulnerabilities are exploitable and allowing public services to continue operating at
a smooth pace. Additionally, placing such a tedious task on autopilot further ensures that agencies remain
compliant with regulations while reducing the resources and labor required to do so.

While patching is crucial, it is only one of the tools to have in your cybersecurity toolbox. A robust security
strategy also involves proactive incident response plans and an increased cyber awareness that starts
from the inside out. Human error is a significant reason for many repeated security breaches. Tired
employees opening that last email of the day may accidentally click a phishing link without thinking or
open a spam email that infects a computer within minutes.




