Wednesday, June 23, 2021

Security’s ‘Perfect Storm’ Leaves IT Ragged

The end of April is leaving IT and security administrators exhausted.

While there were actually fewer viruses and vulnerability announcements in April than in

other recent months, the alerts that did come out affected more companies than usual.

Microsoft Corp. alone issued eight new or updated alerts that were rated as important or

critical. Those alerts patched holes in all current versions of Windows — affecting nearly

every enterprise IT shop.

”Generally, there are a lot of alerts but each one usually affect products that only so

many people have on their networks,” says Kevin Nelson, a co-founder of Threat Focus Inc.,

a security company based in Tustin, Calif. ”When you have eight big announcements from

Microsoft, that’s pretty much covering everybody out there.

”April happened to be the perfect storm with so many alerts coming from major vendors all

at once,” he adds.

Nelson also notes that his customers have to deal with an average of seven to 10 alerts in

a typical month. But this month, many have been slammed with 20, and some of the largest

enterprises had to handle upwards of 50 alerts.

Besides the eight Microsoft alerts, Cisco and Sun issued several of their own in the past

30 days.

”All of this takes a lot of time to deal with,” says Nelson. ”An administrator has to

evaluate the alert and what the vendor is saying about it, and then they have to download

the patch, test it and then deploy it. We talked with several IT administrators and they

were distinctly overwhelmed.”

Steve Sundermeier, a vice president at Central command, a security company based in Medina,

Ohio, says a continuing flood of variants from the Netsky and Bagle families of worms are

keeping administrators hopping. And on top of that, they’re still dealing with the Object

Tag vulnerability in Windows.

”There is no sign of these two worms slowing down anytime soon,” says Sundermeier. ”And

every variant means a new update to our software and every update means it’s one more thing

for IT managers to download and deal with.”

And with all of these alerts, patches and viruses to deal with, it’s getting pretty hard to

get anything else done.

”Anytime you have security issues that you have to deal with, you go into fire fighting

mode,” says Nelson. ”You’re not able to work to the plan you had prior to that. All of

that gets pushed to the side.

”IT administrators are tired,” he adds. ”And the month of April has made them more

tired.”

Similar articles

Latest Articles

3 AI Implementations That...

I was on a joint educational call for the World Talent Economic Economic forum on mobile computing this week. We drifted to topics that...

Survey of Site Reliability...

NEW YORK — Site reliability engineers (SREs) are warning of a looming scalability ceiling and saying the adoption of AIOps isn’t happening at a...

Druva Integrates sfApex to...

SUNNYVALE, Calif. — A maker of software for cloud data protection and management is helping companies safeguard essential customer data that their sales and...

Best Data Science Tools...

Data science has transformed our world. The ability to extract insights from enormous sets of structured and unstructured data has revolutionized numerous fields —...