Iscriviti al feed

Implementing the CISA known exploited vulnerability mandate with greater ease


Source: Wikipedia

The term “patching” dates back to the days of punch cards when a programmer would literally patch a hole in a punch card to correct a bug. This allowed the programmer to correct mistakes without re-punching the entire card. What a painfully manual process that would have been to scale!

We have come a long way since the mid-twentieth century when this technique was used, but patching is as prevalent—if not significantly more so—today as ever as the threat landscape is evolving more rapidly and software release cycles shorten.

“As long as we have software we will have to update it,” is a phrase common among IT professionals. There are a variety of reasons to require an update: performance or bug fixes, regulatory or vendor support requirements, or security vulnerabilities in systems. Patching also protects against security vulnerabilities like data breaches or attackers gaining control of a system. In severe cases, this leads to consequences far beyond the health and stability of the system.

The cost of data breaches

The 2022 IBM Cost of a Data Breach report says that 83% of organizations will experience a data breach more than once, and the organizations that are using automation have a 74-day shorter recovery time. A notable data point from the report stated that organizations with automated security responses saved approximately US$3 million per breach, which represented the largest cost savings opportunity examined in the study.

Additionally, the report found that “vulnerabilities in third-party software” is a leading attack vector and cost factor of data breaches where the ability of an organization to keep third-party software up to date plays a critical role in maintaining a strong security posture.

Binding operational directive

The importance of patching known vulnerabilities and the impact that these exploits can have has led the Cybersecurity and Infrastructure Security Agency (CISA) to issue a binding operational directive to reduce “the significant risk of known exploited vulnerabilities.” The Binding Operational Directive 22-01 states that federal Civilian Executive Branch agencies are required to comply with the following actions (summarized):

  1. Within 60 days of issuance [of the directive], agencies shall review and update agency internal vulnerability management procedures in accordance with this Directive. 
  2. Remediate each vulnerability according to the timelines set forth in the CISA-managed vulnerability catalog. For Common Vulnerabilities and Exposures (CVEs) assigned prior to 2021, vulnerabilities must be remediated within six months, and within two weeks for all others.
  3. Agencies are expected to automate data exchange and report their respective Directive implementation status through the Continuous Diagnostics and Mitigation (CDM) Federal Dashboard.

Are you prepared to update a vulnerability across your Linux, Windows, networking, cloud and other infrastructure within two weeks? Would this require an all-hands-on-deck response? How will you keep pace with other projects and new innovations if you are spending all your time reacting to threats instead of taking a proactive approach? It’s important to note that the CISA directive is specifically targeted toward known exploited vulnerabilities which account for a small number of overall vulnerabilities present in software as detailed here. Nonetheless, automating the swift remediation of the CISA documented vulnerabilities puts your agency in a better position to respond regardless of severity. 

Security automation with Ansible Automation Platform

Red Hat Ansible Automation Platform helps meet these requirements with a comprehensive enterprise automation solution and supported integrations for your infrastructure. Ansible Automation Platform appears on CISA’s approved product list for the CDM program to automate the deployment of remediations.

Ansible Automation Platform is uniquely positioned to address this challenge more rapidly as it is built using a common automation language that can be more easily learned and implemented across IT teams. Furthermore, Ansible builds a bridge to collaborating with application or infrastructure owners to implement testing capabilities that break down silos across traditional IT structures allows agencies to react faster without adding additional risk to system stability.

Source: Ansible.com

Backed by Red Hat Support, you have access to knowledge base articles and experts to help you get there because when the federal enterprise is at risk, there is no time for system downtime. Start your free trial today, or schedule a demo to see how powerful a culture of automation can be in your agency.

Related webinar:


Sull'autore

Will Tome is an Automation Strategist for Red Hat specializing in working with federal agencies to develop automation strategies and solutions to solve growing infrastructure complexities and security requirements. He comes from a technical background as a Solutions Architect with Red Hat Ansible Automation Platform, which allows him to translate unique technical requirements and limitations into strategies that serve the mission.

Read full bio
UI_Icon-Red_Hat-Close-A-Black-RGB

Ricerca per canale

automation icon

Automazione

Novità sull'automazione IT di tecnologie, team e ambienti

AI icon

Intelligenza artificiale

Aggiornamenti sulle piattaforme che consentono alle aziende di eseguire carichi di lavoro IA ovunque

open hybrid cloud icon

Hybrid cloud open source

Scopri come affrontare il futuro in modo più agile grazie al cloud ibrido

security icon

Sicurezza

Le ultime novità sulle nostre soluzioni per ridurre i rischi nelle tecnologie e negli ambienti

edge icon

Edge computing

Aggiornamenti sulle piattaforme che semplificano l'operatività edge

Infrastructure icon

Infrastruttura

Le ultime novità sulla piattaforma Linux aziendale leader a livello mondiale

application development icon

Applicazioni

Approfondimenti sulle nostre soluzioni alle sfide applicative più difficili

Original series icon

Serie originali

Raccontiamo le interessanti storie di leader e creatori di tecnologie pensate per le aziende