Main question: Review NIST’s guidelines for Patch Management at https://csrc.nist.gov/publications/detail/sp/800-4… . Next, research the Equifax breach that occurred last year. Analyze the breach in the context of NIST’s recommendations. What was Equifax lacking that contributed to the breach? Research and discuss how much this breach will likely cost them. What steps would you take if you were tasked with managing that system to ensure that this didn’t happen again? What policies might you need to create? What controls in those policies
Patch management defines the processes that show the resources of the systems to describe the product verification and installation process of patches. It will overcome the challenges that are faced by the patch systems, where it describes the basic understanding of the organization’s enterprise management solutions for the technologies that are described over the importance of patch management. It understands the measurements of the technology that defines the process of patch management (Sivrieva, 2018). Equifax explains the vulnerability attacks that are caused for the application systems, and it reports the error over organization data. It consists of executing the commands that will describe the process of the systems that are considered for mitigating risks. It understands the best practices of the systems, which include the attacks applicable to security systems. A data breach has cost millions of dollars for a company, which explains that more loss has occurred for the data management in the company. It describes the process of expenses that cost the company highly.
Handling situations at difficult times will develop the ability of my skills, which process the projects that explain the examples of the system that perform multiple tasks of the systems. It shows that the development of the complexity errors is described and handled over projects (Souppaya & Scarfone, 2013). This process will describe the managing activities of employees in the organization. It explains that task prioritization will formulate the work importance of the systems. In this process, the mistakes are developed by the following tasks, which process the risks that consider the standard solution that is determined. Policy creation is important, as information gathering will understand the process of developing policies that will establish a process for the systems that are known to the potential implications of the project that is developed. Controlling will be processed by the employees in the organization that process the appropriate policy of the system.
What was Equifax lacking that contributed to the breach?
Equifax has established that opponents joined their process in 2018 by way of a web-application weakness that had a repair accessible 8 weeks before the breach. Put simply, the credit-reporting giant had significantly more than 8 weeks to take steps that could have defended the private data of millions of people from being exposed, but it didn’t.
Research and discuss how much this breach will likely cost them.
Equifax had $125 million in cybersecurity insurance coverage at the time it was breached, with a $7.5 million deductible. They have received the maximum compensation under the insurance coverage of $125 million, which was obtained just before 2019, and it will probably pay about $650 million, and possibly more than that, to settle with many states over the 2017 information breach that exposed painful and sensitive information on significantly more than 147 million customers and showed how little control Americans have over their personal data.
What steps would you take to make sure it will not happen again?
Ensuring application security and cybersecurity is crucial in the hyper-connected world. An intensive penetration test or code evaluation could have discovered the safety risk early on. Introducing strong automation into the business’s security testing could also have helped. They could have been ready to spot the risk long before it turned into a significant problem. Internet protection needs time and investment. It’s worthwhile to offer clients the protection they expect. Build a brand name that can make trust. A stronghold that can defend everybody inside and outside the business may reap numerous benefits. Companies should value cybersecurity. Until then, substantial data breaches will continue to occur.
What policies might you need to create?
It should follow the security policy to mitigate the risk and follow preventative controls as well.
Equifax was, and remains, one of the three biggest credit reporting agencies (CRAs) in the United States, with virtually every adult having information collected by Equifax in some form. During mid-May to July of 2017, the company was attacked using a known vulnerability (CVE-2017-5638) in Apache Struts. This vulnerability took advantage of remote code execution that could be performed on user input forms. This exploitation allowed the attackers to gain access and pivot through the servers and access databases and files. Unfortunately, the usernames and passwords for some of the servers were stored in plain text, which allowed the attackers to quickly access the data of 143 million users. This includes mostly social security numbers and licenses for those individuals, but it’s estimated 209,000 credit cards were exposed as well.
To make matters worse, Equifax didn’t disclose the breach until September of the same year. Before the company went public, many high-ranking officials and associates dumped individual stocks in huge quantities to avoid losing a significant amount of money resulting from the loss of consumer confidence. It’s assumed there was some insider knowledge that was utilized inappropriately, as there is no evidence that these trades were scheduled before the breach was discovered.
Equifax could have prevented these problems by implementing the guidelines outlined by NIST Special Publication 800-40 version 2.0. To highlight the most important, NIST recommends end-to-end system encryption, especially for sensitive data, and storing passwords in clear text was a direct violation. At the beginning of the provided document, NIST addresses the main point of negligence: “Patch and vulnerability management is a security practice to proactively prevent the exploitation of its vulnerability.” The failure to address the Apache Struts issue in a reasonable amount of time was the reason for the exploitation. For the future, NIST recommended that agencies discontinue using knowledge-based verification that could be obtained from these records, as many of the inquiries could be easily answered with minimal research or access to breached data. Next, two-factor authentication would increase security for those exposed by requiring an SMS text message code upon each login that may have access to sensitive information.
As per my research, I found that the Equifax breach happened due to a vulnerability in the web application where users can report any issues while using the app. The hacker used that application, found the loophole, entered the system through that web application, accessed the database and retrieved the data from there without triggering any alarm. They accessed almost 51 databases and stole all the sensitive user information, and even while they were retrieving the data their presence was not known, as they were doing it in small increments.
Equifax knew that there was a vulnerability 2 months earlier, but they hadn’t pushed the code to production. As a huge company they might have followed some quick process to resolve this kind of security vulnerability; then the organization would have been impacted by these kinds of attacks.
Every organization should have a proper patch management process, as not only are we fixing bugs or vulnerabilities, we also ship new functionality in the patch. So some kind of testing needs to be done in the lower environments to make sure nothing is breaking.
As per NIST, patch management is nothing but fixing the flaws in the software or the product. It not only fixes software flaws but also pushes new code to the production environment.
As per patch management, there are some security compliance frameworks which need to be implemented. For example, NIST Special Publication (SP) 800-532 requires the SI-2, Flaw Remediation security control, which includes installing security-relevant software and firmware patches, testing patches before installing them, and incorporating patches into the organization’s configuration management processes.
As per my research, I would suggest that if the above patch management policies had been implemented properly, then Equifax might not have been breached.
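As an added example that is not part of any of the posts above: a small patch-compliance check in the spirit of the SI-2 flaw-remediation control and the two-month unpatched window the posts describe, keyed on the Apache Struts advisory for CVE-2017-5638. The affected version ranges are those published in Apache's S2-045 advisory; the inventory rows, host names and dates are constructed sample data.

```python
# Added example (not from any post above): a patch-compliance check in the
# spirit of NIST SP 800-53 SI-2 flaw remediation. Hosts running a version that
# an advisory lists as affected are reported with how long a fix has existed.
# Inventory rows, host names and dates are constructed sample data.
from datetime import date


def parse_version(v: str) -> tuple:
    """'2.5.10.1' -> (2, 5, 10, 1); tuples compare component by component."""
    return tuple(int(p) for p in v.split(".") if p.isdigit())


# Affected ranges for CVE-2017-5638 per the Apache S2-045 advisory (inclusive).
ADVISORIES = {
    "CVE-2017-5638": {
        "component": "apache-struts",
        "affected": [("2.3.5", "2.3.31"), ("2.5", "2.5.10")],
        "fixed_in": ["2.3.32", "2.5.10.1"],
        "patch_available": "2017-03-07",  # constructed illustrative date
    },
}


def is_affected(version: str, ranges) -> bool:
    """True if version falls inside any inclusive (low, high) range."""
    pv = parse_version(version)
    return any(parse_version(lo) <= pv <= parse_version(hi) for lo, hi in ranges)


def check_inventory(inventory, as_of: str, sla_days: int = 30):
    """Return (host, cve, days_since_patch, over_sla) for each vulnerable host."""
    today = date.fromisoformat(as_of)
    findings = []
    for host, component, version in inventory:
        for cve, adv in ADVISORIES.items():
            if adv["component"] != component or not is_affected(version, adv["affected"]):
                continue
            days = (today - date.fromisoformat(adv["patch_available"])).days
            findings.append((host, cve, days, days > sla_days))
    return findings


SAMPLE_INVENTORY = [  # constructed: (host, component, version)
    ("web-01", "apache-struts", "2.3.31"),    # affected, 2.3 branch
    ("web-02", "apache-struts", "2.5.10"),    # affected, 2.5 branch
    ("web-03", "apache-struts", "2.5.10.1"),  # fixed release
    ("api-01", "apache-struts", "2.3.32"),    # fixed release
    ("db-01", "postgresql", "9.6"),           # different component, ignored
]

if __name__ == "__main__":
    for host, cve, days, over in check_inventory(SAMPLE_INVENTORY, "2017-05-13"):
        print(f"{host}: {cve} unpatched for {days} days{' (over SLA)' if over else ''}")
```

Run against a real software inventory, the same comparison gives the metric a patch policy needs: which hosts are still exposed and for how long past the remediation SLA.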