Thursday, March 28, 2024

Security’s ‘Perfect Storm’ Leaves IT Ragged

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

The end of April is leaving IT and security administrators exhausted.

While there were actually fewer viruses and vulnerability announcements in April than in

other recent months, the alerts that did come out affected more companies than usual.

Microsoft Corp. alone issued eight new or updated alerts that were rated as important or

critical. Those alerts patched holes in all current versions of Windows — affecting nearly

every enterprise IT shop.

”Generally, there are a lot of alerts but each one usually affect products that only so

many people have on their networks,” says Kevin Nelson, a co-founder of Threat Focus Inc.,

a security company based in Tustin, Calif. ”When you have eight big announcements from

Microsoft, that’s pretty much covering everybody out there.

”April happened to be the perfect storm with so many alerts coming from major vendors all

at once,” he adds.

Nelson also notes that his customers have to deal with an average of seven to 10 alerts in

a typical month. But this month, many have been slammed with 20, and some of the largest

enterprises had to handle upwards of 50 alerts.

Besides the eight Microsoft alerts, Cisco and Sun issued several of their own in the past

30 days.

”All of this takes a lot of time to deal with,” says Nelson. ”An administrator has to

evaluate the alert and what the vendor is saying about it, and then they have to download

the patch, test it and then deploy it. We talked with several IT administrators and they

were distinctly overwhelmed.”

Steve Sundermeier, a vice president at Central command, a security company based in Medina,

Ohio, says a continuing flood of variants from the Netsky and Bagle families of worms are

keeping administrators hopping. And on top of that, they’re still dealing with the Object

Tag vulnerability in Windows.

”There is no sign of these two worms slowing down anytime soon,” says Sundermeier. ”And

every variant means a new update to our software and every update means it’s one more thing

for IT managers to download and deal with.”

And with all of these alerts, patches and viruses to deal with, it’s getting pretty hard to

get anything else done.

”Anytime you have security issues that you have to deal with, you go into fire fighting

mode,” says Nelson. ”You’re not able to work to the plan you had prior to that. All of

that gets pushed to the side.

”IT administrators are tired,” he adds. ”And the month of April has made them more

tired.”

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Get the Free Newsletter!

Subscribe to Data Insider for top news, trends & analysis

Latest Articles