www.fortinet.com
Open in
urlscan Pro
44.199.160.6
Public Scan
Submitted URL: https://apps.global.fortinet.com/e/bfs?s=3049749&lguid=d3c431ecec654a74b98dd256c93548ee&elqTrackId=d3c09c0697824555858bb0df19ee8f...
Effective URL: https://www.fortinet.com/blog/business-and-technology/the-art-of-war-and-patch-management
Submission: On February 25 via api from CA — Scanned from CA
Effective URL: https://www.fortinet.com/blog/business-and-technology/the-art-of-war-and-patch-management
Submission: On February 25 via api from CA — Scanned from CA
Form analysis
1 forms found in the DOMGET /blog/search
<form class="b3-searchbox__form" action="/blog/search" method="get">
<input class="b3-searchbox__input" type="text" name="q" placeholder="Search Blogs">
<button class="b3-searchbox__icon" aria-label="Search" type="submit">
<svg viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg">
<path
d="M15.688 14.18l-4.075-4.075C12.36 9.06 12.8 7.78 12.8 6.4 12.8 2.87 9.93 0 6.4 0 2.87 0 0 2.87 0 6.4c0 3.53 2.87 6.4 6.4 6.4 1.38 0 2.66-.44 3.705-1.187l4.075 4.075c.207.208.48.312.753.312.274 0 .547-.104.755-.312.416-.417.416-1.093 0-1.51zM2.133 6.4c0-2.357 1.91-4.267 4.267-4.267s4.267 1.91 4.267 4.267-1.91 4.267-4.267 4.267S2.133 8.757 2.133 6.4z"
fill="#fff">
</path>
</svg>
</button>
</form>
Text Content
Blog * Categories * Business & Technology * Threat Research * Industry Trends * Partners * Customer Stories * PSIRT Blogs * Business & Technology * Threat Research * Industry Trends * Partners * Customer Stories * PSIRT Blogs * CISO Collective * Subscribe Business & Technology THE ART OF WAR (AND PATCH MANAGEMENT) By Carl Windsor | February 23, 2022 With escalating tensions in Ukraine and threats of nation-state attacks, it is worth noting that modern warfare is no longer only based on traditional ground, air, or sea assaults, but it has progressed to the point where cyber attacks are a common part of the offensive arsenal. They are commonly made on the financial, government, and communications of target countries in order to destabilize the country’s critical infrastructure and delay any required response to an attack. Even if you are not directly in the line of fire, it is a timely reminder during these concerning times that we all need to be taking our cybersecurity more seriously. This is a sentiment echoed by Department of Justice (DoJ) official Deputy Attorney General Lisa Monaco in remarks at the Munich Cybersecurity Conference. "Given the very high tensions that we are experiencing, companies of any size and of all sizes would be foolish not to be preparing right now as we speak -- to increase their defenses, to do things like patching, to heighten their alert systems, to be monitoring in real-time their cybersecurity. They need to be as we say, 'shields up' and to be really on the most heightened level of alert that they can be and taking all necessary precautions." WHY DO WE EVEN NEED TO SAY THIS? Anyone who has been keeping up with Fortinet blogs is aware that we have been saying this for some time, Prioritizing Patching is Essential for Network Integrity. We are dealing from the fallout of some customers not patching. It has caused an ongoing news cycle related to an SSL-VPN issue resolved back in 2019, which remains unpatched for some customers. If you take nothing else away from this blog, check that you have taken action to remediate this issue. Given that some organizations are not always taking action to patch, how can we better understand the reasons why, so that we can help to change this behavior? Human psychology gives us some useful clues as to why this is the case. Hyperbolic discounting is a cognitive bias that refers to the inclination to choose immediate rewards over rewards that come later in the future, even when these immediate rewards are smaller. This is most clearly demonstrated by the phrase: “A bird in the hand is worth two in the bush.” In cybersecurity terms: I will continue working on a time-sensitive project that my boss is chasing rather than patching systems against a cybersecurity issue that might never happen, thinking “maybe we’ll get lucky and nobody will attack us.” The situation in Ukraine and the warning from DoJ Official Lisa Monaco demonstrates we should not be taking this lightly but we need to change human nature if we want to succeed in prioritizing patch management. To do this, we need to give people an instant payback. REMOVING COGNITIVE BIAS This is where the Security Rating Service comes into play helping to remove this cognitive bias. It gives customers immediate feedback that the actions they are taking have an impact on the security of their systems. While this has been available for some time, in the coming months we will push this to the next level and will include patching (or lack of) into the rating. We will also provide a roll-up report in FortiCare to help encourage this process even further. Fig. 1. Example of FortiCare Platform Capabilities Find out how the Fortinet Security Fabric platform delivers broad, integrated, and automated protection across an organization’s entire digital attack surface to deliver consistent security across all networks, endpoints, and clouds. Tags: Cybersecurity Architect, Security-Driven Networking RELATED POSTS Industry Trends CYBERSECURITY MESH ARCHITECTURES: FORTINET CISOS DISCUSS THE IMPORTANCE Business and Technology THE NEED FOR A ZERO TRUST EDGE STRATEGY Industry Trends PUBLIC SECTOR CYBERSECURITY AND THREAT TRENDS * * * * * * NEWS & ARTICLES * News Releases * News Articles * Trademarks SECURITY RESEARCH * Threat Research * FortiGuard Labs * Threat Map * Threat Briefs * Ransomware CONNECT WITH US * Blog * Fuse Community COMPANY * About Us * Why Fortinet * Security Fabric * Exec Mgmt * Careers * Certifications * Events * Industry Awards CONTACT US * (866) 868-3678 Copyright © 2022 Fortinet, Inc. All Rights Reserved Terms of Services Privacy Policy | Cookie Settings PRIVACY PREFERENCE CENTER * YOUR PRIVACY * STRICTLY NECESSARY COOKIES * PERFORMANCE COOKIES * FUNCTIONAL COOKIES * TARGETING COOKIES YOUR PRIVACY When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer. privacy policy STRICTLY NECESSARY COOKIES Always Active These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. Cookies Details PERFORMANCE COOKIES Performance Cookies These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. Cookies Details FUNCTIONAL COOKIES Functional Cookies These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly. Cookies Details TARGETING COOKIES Targeting Cookies These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising. Cookies Details BACK BUTTON BACK Vendor Search Filter Button Consent Leg.Interest checkbox label label checkbox label label checkbox label label * 33ACROSS 33ACROSS View Third Party Cookies * Name cookie name Clear checkbox label label Apply Cancel Confirm My Choices Allow All By clicking “Accept All”, you agree to use of cookies on your device to enhance site functionality, analyze site usage, and assist in our marketing efforts. The Cookies Settings link has cookie-specific detail and preference options. privacy policy Cookies Settings Accept All "