Dec 18, 2015
As technology continues to evolve, the security threats faced by organisations are growing in diversity, complexity and efficacy. To protect your sensitive information in light of these threats, you need to understand and take action on the most pressing problems. Today, I'm looking at zero-day vulnerabilities - a relatively unknown attack vector capable of breaching secure systems without the owners even being aware.
What is a Zero-Day Vulnerability?
Zero-day vulnerabilities refer to undisclosed security 'holes' in an application, completely unknown to the vendor. If identified by malicious parties, these vulnerabilities can be exploited by hackers without the knowledge of vendors or end-users - causing serious security breaches that victims may not be aware of.Once identified, the vendor has to rush to release an immediate patch to correct the vulnerability - with 'zero days' to plan and advise on remediation.Zero-day attacks are relatively unknown, and difficult to defend against as a result. A study by Symantec has seen year-on-year growth of zero-day vulnerabilities, with 2013 alone registering a 61% increase in vulnerabilities.Even though the top five vulnerabilities were patched within four days of detection, a total of 174,651 attacks were registered within just 30 days of the vulnerabilities being identified.
They Impact the Software You Use...
With organisations reliant on dozens of different software applications, a zero day vulnerability in any app or service can put your secure systems at risk. The more software used by your organisation, the more possible vulnerabilities exist, increasing the likelihood of a successful attack and data breach.The problem is worsened by shadow IT - with employees using potentially insecure applications outside of the knowledge of IT and security teams.
...And The Software You Develop
The launch of any new application brings with it a host of risks - including the possibility of a serious and undetected zero-day vulnerability.Without a rigorous testing procedure, used throughout the software development lifecycle (SDLC), the likelihood of a vulnerability increases massively. This necessitates an immediate and costly remediation once the problem is revealed - something that's only possible after the vulnerability has damaged the end-users' secure systems and the vendor's reputation.
Defending Against Zero-Day Vulnerabilities
1) Vet Your Software
Once a zero-day vulnerability has been detected, it needs to be fixed as quickly as possible. When you're relying on a third-party to fix issues with software your organisation uses, it's essential to partner with security-conscious vendors in full-compliance with the best practices of application security.Learn more: How to Choose Secure Software for Your Organisation.
2) Roll-out Employee Security Awareness Training
Zero-day attacks can't be fully eradicated, so it's essential for your employees to understand how they can help guard against the threat.As soon as a potential security problem has revealed itself, your employees should understand exactly how to take action: understanding the hallmarks of a security breach, and knowing who to report the problem to.Learn more: 8 Essential Components of an Effective Security Awareness Curriculum.
3) Roll-out Developer Security Training
When developing your own applications, it's vital to ensure that security testing is carried out throughout the SDLC. The sooner a problem can be detected, the cheaper it is to remediate - making it possible to detect serious vulnerabilities before they make it into release.Learn more: Is it the Right Time to Train Your Software Developers in Security?
4) Plan for a Data Breach
Even with all of these practices in action, it's impossible to completely eradicate the risks of a zero-day attack. With that in mind, your organisation should always have a plan in place for dealing with a successful data breach.Learn how to roll-out application security training in your organisation, and download our free eGuide below.