• About
  • Subscribe
  • Contact
Thursday, May 8, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home Technology Security

Why security patches never full proof your network

FutureCIO Editors by FutureCIO Editors
August 2, 2022
source: https://pixabay.com/photos/pocket-knife-knife-sharp-to-cut-6551/

source: https://pixabay.com/photos/pocket-knife-knife-sharp-to-cut-6551/

Risk mitigation strategies all security engineers should know

Enterprises that rely on dated software vendor patching models still find themselves vulnerable to attacks because patches address only known vulnerabilities. They do not protect against unknown vulnerabilities. Companies today need to adopt a more holistic approach to securing their data with a suite of comprehensive managed security services.

Security Protection is a Top Priority

Data breaches not only harm organisations but also their customers or constituents. In 2021 alone, there were 623 million ransomware attacks. The average cost of a data breach is $4.2 million and 25% of all data breaches are motivated by espionage or stealing commercial information. The downtime and remediation of a security breach may be monetarily costly, but often a damaged reputation does more harm to an organisation.

Gabe Dimeglio, vice president and executive advisor, security at Rimini Street said that organisations need security solutions that go “well beyond typical software vendor patching to protect the entire environment of applications, middleware and databases using active security controls that monitor activities in real-time.”  

Some organisations still primarily rely on reports and patches from their software vendor for protection against attacks, but this strategy may have several shortcomings:

  • Dangerous limitations – do not address custom code, unsupported releases, or unknown vulnerabilities
  • Not timely – can take weeks, months, or even years to be delivered by a software vendor – and sometimes no patch is provided at all
  • Labour-intensive – may require a product or technology upgrade and might need to be regression tested before rolling into production 
  • Ongoing risk – may not be adequate to protect against an identified vulnerability sufficiently

Organisations can take better control of its own cybersecurity defence and consider solutions to extend the life of enterprise software, protecting against common vulnerabilities. The solution that engineers pick should address the issue of the outdated but popular older releases which may not be covered by vendor security patches. 

Today, organisations need a more robust system to identify malicious actions and proactively block processes that attempt to exploit known and new zero-day vulnerabilities.

Having an advanced security solution can help reduce the burden of traditional patching as well as significantly reduce time-to-protection, and eventually boost operational productivity.

Defence in Depth protection

In today’s digital-first economy, organisations should build and maintain multiple layers of security – including protecting the database layer where critical data is stored – as a part of a “Defence in Depth” (DiD) cybersecurity strategy.  DiD refers to an information security approach in which a series of security mechanisms and controls are thoughtfully layered throughout a computer network to protect the confidentiality, integrity, and availability of the network and the data within.

Rimini Street has an enhanced feature in the “Defence in Depth” strategy, equipped with a full-stack solution suite to achieve zero-day security protection against the threat of known and unknown, or even unreported vulnerabilities. It holistically includes layered application and database security software and service solutions. 

Some key tips that all information and security officers should be aware of when selecting a suite of security software, they should necessarily comprise a tool that gives protection against both known and unknown vulnerabilities. It may ride on Java Runtime, for detection and remediation before attacks reach their intended target. However, security engineers also need to be mindful that some releases may no longer be fully supported by the vendor. 

Essentials of a layered protection

Security engineers who help organisations maintain the most complete and hardened cybersecurity posture need to consider a good selection of security assessments and the right set of tools. The essentials security engineers need to have in their system include:

  • next-generation database security solution to protect data from known and unknown vulnerabilities that can continuously monitor and analyse shared memory.
  • managed service suites to look at shields that remediate the applications’ vulnerabilities at speed and scale, without touching a line of code, protecting from even sophisticated attacks.
  • tool that is able to intelligently configure guides, and security roadmaps and sniff out complex levels of security vulnerabilities.
  • security protocol and functions that can intelligently capture all steps in a comprehensive analysis, that can be reported in real-time.

Andrew Seow, group vice president and regional general manager, Southeast Asia & Greater China, Rimini Street said: “We are witnessing a documented rise in cyber attacks, with 76% of organisations expecting data breaches in 2022 globally. Regional investment in security-related products and services is also growing fast.

Rimini Protect seeks to address gaps in cybersecurity in line with “Defense in Depth” strategy to achieve zero-day security protection.

This layered security approach deploys multiple security layers and controls, designed to provide comprehensive protection for data assets and their supporting infrastructure.”

- Andrew Seow

Organisations today need more innovative suite of security solutions that are also compatible with various environments, such as SAP and Oracle. Only with these layered approaches can security engineers help their organisations beef up their defence, work faster and be better prepared to remediate and prevent cyber attacks. 

Related:  APAC COOs prefer to be called Chief Change Officer
Tags: cybersecuritydata protectionmanaged security servicesRimini Streetsoftware innovation
FutureCIO Editors

FutureCIO Editors

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe