Summary (Part 7 of 7: Mitigating Risks of Unsupported Operating Systems)
PUBLISHED IN
Insider ThreatIn this blog series, I explained the five actions your organization can take now to ensure its cybersecurity and address the risk of having unsupported software. These five actions work together to protect your organization from cyber attacks when it chooses to keep unsupported software on its network.
In the wake of WannaCry--a ransomware campaign that targeted Windows operating systems--organizations running unsupported software were unable to deploy the patches Microsoft released to neutralize the attack. More ransomware campaigns and cyber attacks will happen; we just don't know what they'll be or what they'll target.
Having unsupported software limits your ability to apply fixes and patches that vendors supply. Keeping unsupported software increases your risk of attacks that might cripple your organization. You can reduce your organization's exposure to risk by
- defining your risk tolerance
- managing your software inventory
- upgrading, replacing, or retiring unsupported software
- establishing and maintaining whitelists
- creating and enforcing a policy to manage unsupported software
For more information about risk and resilience in your organization, see https://www.sei.cmu.edu/research-capabilities/all-work/display.cfm?customel_datapageid_4050=20128, or contact me at info@sei.cmu.edu.
Written By
More By The Author
More In Insider Threat
PUBLISHED IN
Insider ThreatGet updates on our latest work.
Sign up to have the latest post sent to your inbox weekly.
Subscribe Get our RSS feedMore In Insider Threat
Get updates on our latest work.
Each week, our researchers write about the latest in software engineering, cybersecurity and artificial intelligence. Sign up to get the latest post sent to your inbox the day it's published.
Subscribe Get our RSS feed