New technology can be just as vulnerable as old technology if it is unpatched.
Following on from ArcSight senior vice president of marketing Reed Henry's thoughts, where he claimed that companies using old technology that is not up-to-date are being left at risk, Ashish Patel, country manager UK & Ireland for Stonesoft, claimed that the problem extends to new as well as old technology due to managing and keeping up-to-date with patching.
Patel claimed that as vulnerabilities exist in new operating systems, it is not a case of only old technology being out of date.
Patel said: “Patching needs to be done but it is not done quickly, also you will never be ahead of the curve, you are fixed once the problem has been assessed. One of the issues is the information is processed after the event but once you have got it you have to apply it and it needs to be tested and rolled out, this leaves you uncovered and everyone knows that you will not be able to apply it on day one.
“It also removes the old patch and this creates a new vulnerability, so this all needs to be done but a window of vulnerability remains where the problem is known.”
Patel claimed that technology such as an intrusion prevention system (IPS) helps in this instance, as once you have an IPS you can block the vulnerability before it is exploited and reduce the vulnerability window.
Patel said: “We look for the DNA of the attack so that we are always ahead of the game, instead of looking for an attack in a particular way; we can see it before it takes place. It is about being proactive and using technologies and protecting yourself.”