I recently spoke with Yaniv Bar-Dayan, CEO of Vulcan Cyber, and he made a good point that, with staff forced to work from home, it's a rare opportunity to get important IT projects squared away especially security patches -- Vulcan's specialty.
During normal times, the enterprise IT department treads cautiously in making any changes to their main production environments. There are serious risks of upsetting core IT business processes by making a change that sets off unexpected problems. There's always a big backlog of IT tasks that need to be done. However, it looks like there's a way to get that list done a lot more quickly during the COVID-19 lockdown of 2020.
"At every large company, their main IT systems are heavily used during the year. That means most upgrades, and any changes, have to be squeezed into a weekend or a holiday and that leaves little time for testing. You run the risk it doesn't start up the same way come Monday," says Vulcan's CEO Yaniv Bar-Dayan.
"With so many staff told to work from home, important IT upgrades and security patches can now be done, and with less risk of downtime when everyone returns to the office."
DON'T PATCH EVERYTHING
Vulcan's platform scans client IT systems for vulnerabilities then tracks down the right patch and the best remediation method. It is integrated with dozens of leading IT tools to create a platform that can handle vulnerabilities at scale.
There are hundreds of thousands of security patches out there, but Vulcan will tell you that a few of the important ones will eliminate many related security issues. A little work now goes a long way -- if you know what to do.
With consumers and business buyers stuck at home, it is the e-commerce side of a business that is super important. During the important fourth-quarter holiday sales season, companies won't risk making any changes to their e-commerce systems. Now things are reversed, it is the main IT systems that can be upgraded and patched with less risk of downtime problems. But don't mess with the e-commerce systems.
Vulcan's platform is designed to scale and to interface with all the standard IT tools. It makes heavy use of machine learning and also human intelligence -- IT experts that can analyze new security threats and solutions. And sometimes a patch isn't needed and a simple workaround will eliminate dozens of related issues, says Bar-Dayan.
Vulcan's reports identify the top vulnerabilities and the detailed remediation steps necessary. It is a huge time-saver for cybersecurity teams.
Vulcan also recommended using a combination of Docker containers and Kubernetes to avoid any problems during upgrades. This combination provides IT teams with a giant "undo" button where they can roll-back to a prior stable state if something goes wrong. (Here is a description on Vulcan's blog: Easing Up Patching Using Containers and Kubernetes.)
By storing images that are snapshots of the IT environment, the upgrade process, and testing cannot harm the core IT systems because the original state is always available.
Here's another tip from Vulcan: No one directly owns this problem, so IT security has to be tackled as a collaborative process between many stakeholders. This requires cooperation and there are many stakeholders involved, Dev/Ops teams, apps developers, the enterprise security team, and the line of business managers. All the stake-holders have to be aligned on the same goals. It gets complex.
After most of these COVID-19 disruptions dissipate and some companies have managed to use their downtime to modernize and secure their core IT systems faster than they expected -- then we should expect to see them perform with a distinct business advantage. After all, IT is competitive -- a $3.9 trillion market can't be wrong.