From the increasing sophistication of cyber attacks to the exponential growth of internet enabled devices, the world of Cyber Security is continuously evolving. It is amongst these changes that organizations must remain vigilant in order to protect their critical infrastructure against the risk of externally or internally launched cyber attacks.
The last two years has witnessed several key moments for the Cyber Security industry which has served as clear reminders that cyber threats are not only real, but should be revered more than ever. Data breaches in some the world’s largest organizations have received extreme media attention owing to the significant financial implications and damages to reputation. Major software platforms such as Microsoft Windows XP © and Server 2003 have become End of life and will no longer receive manufacturer support. Financially incentivised ransomware campaigns and zero day vulnerability exposures are becoming more and more frequent as cyber criminals increase their focus and capabilities of achieving their goals.
Admittedly, these factors may appear to paint a bleak representation of the cyber security landscape but rest assured that things will only get worse! In 2015, 38% more security incidents were detected than in 2014 with more than 117,000 cyber attacks happening worldwide each day. With these statistics in mind, it is no wonder that software manufacturers and Antivirus vendors face an ever increasing battle to ensure that their products are protected against the latest cyber threats and industry developments…But their challenge very quickly becomes our concern!
Due to the introduction of hundreds of newly released updates from various vendors on a daily basis, it is essential that procedures and practices are in place to ensure that the functionality of your critical infrastructure is not compromised. Software updates and security patches are intentionally designed to modify operation in order to prevent unauthorized action – it is for this very reason that we need to be concerned.
Software manufacturers do not have the resources and multiple hardware / software combinations to carry out specific testing on bespoke or proprietary solutions. In November 2015, Microsoft released a security patch which caused application crashes and denied system access via network logon. The update proved to be extremely problematic for any system administrator who allowed the update to propagate through their network untested.
The IP based Radio communications systems manufactured by Motorola Solutions are extremely complex , containing a wide array of proprietary software applications running on third party operating system platforms and tailored hardware configurations. Testing the impact of software and security updates on Motorola Solutions communications systems does not fall within the remits of the originating vendor, they have neither the access to resources or the expertise to do so. It is therefore down to the system owner to ensure that software and security updates are adequately tested before deployment to the live environment. Failure to do so could lead to loss in availability to your critical systems.
The Motorola Solutions Security Update Service (SUS) ensures confidence that each and every security patch or Antivirus update has been placed through rigorous pre deployment testing in purpose built security facilities. No security update will enter the system untested and without confirmation that core functionality will remain unaffected. Dedicated test systems and resources are necessary but can be expensive to implement and maintain. The Security Update Service (SUS) can eliminate the need for test system expenditure whilst still providing peace of mind in all security updates applied to critical infrastructure. Security updates are released on a weekly and monthly basis to ensure that the latest available patches can be applied in a timely manner. Motorola Solutions Security Update Service (SUS) has 300+ customers in more than 30 countries worldwide.
To learn more about the Security Update Service (SUS) and how we can help to secure your critical infrastructure visit Motorola Solutions
Paul Hill is the EA & APME Security Services Delivery Lead at Motorola Solutions.