I've just installed the latest critical security patch from Microsoft. Fortunately, I was warned about its release by good friends in Seattle. In fact, it's unusual these days for Microsoft to release out-of-band updates. One would hope that most of these could safely await the regular 2nd Tuesday update cycle. That's an easy date for London based security managers to remember, as it's exactly a week after the regular City booze up.
But clearly there's something urgent about this patch. Either it's really damaging, or there's an exploit already circulating. Whatever the reason, the implication is that, these days, you have to be on your guard 24 by 7 to maintain security. That means you have to establish really good intelligence feeds. I've long said that visibility and context are the cornerstones of good security. You must be equipped to see new threats, exposures and incidents. And you must be able to assess their significance in real time.
In fact, this is the basis of professional security. Regardless of what the textbooks tell you, the first thing you must do is set up an effective intelligence system: one that reports new threats, existing vulnerabilities and current incidents. And one that can assess the significance of everything reported. All of this is possible and achievable, within reasonable cost and budget, by sensibly exploiting today's technology and services. So, if you, or your staff, didn't immediately pick up and respond to this latest scare, then you should aim to raise your game right now.
