Cybersecurity Awareness Month: Don't Let Vulnerability Management Be Your Achilles' Heel

Cybersecurity Awareness Month is now in its 19th year, initially launched by the Department of Homeland Security and the National Cyber Security Alliance to ensure organizations and consumers are ready to take on the cybersecurity landscape. This year's theme, "See Yourself in Cyber,"demonstrates that while cybersecurity may seem like a complex subject, ultimately, it’s really all about people. We heard from industry experts from around the world on what organizations need to take away from Cybersecurity Awareness Month 2022. JP Perez-Etchegoyen, CTO at Onapsis

"Cybersecurity Awareness Month serves as a timely reminder for companies to reevaluate their cybersecurity processes after a year of tumultuous cyberattacks and data breaches across industries. Cybersecurity has continued to rise in importance throughout a year plagued by ransomware and supply chain attacks as organizations of every size and industry have realized the importance of preventing and protecting against cyber threats.

Business continuity and brand reputation hinge on an organization's ability to maximize the availability of business-critical applications while embracing innovation and operationalizing security and compliance. Protection of business-critical applications is especially important as cybercriminals continue to identify and exploit vulnerabilities. Vulnerabilities in these applications can lead to exposure and end up in data potentially being stolen. During a recent study, Onapsis Research Labs found that new, unprotected SAP applications provisioned in cloud (IaaS) environments were discovered and attacked in less than three hours, stressing the need to “shift left” and ensure new mission-critical applications are provisioned securely from day one.

Enterprises must evaluate all systems in their IT landscape for any cyber threats, including unpatched systems, permissive access controls, insecure integrations, or misconfigured services. Then, they should implement any necessary mitigations right away to protect their mission-critical applications and business from sophisticated cybercriminals. To guarantee that these applications are fully and effectively protected, they must also leverage a business-critical application security program in their overall cybersecurity strategy. This will allow them to reduce the costs and risks associated with transformation so the business can achieve its top-line growth initiatives."


###