Windows users are notorious for holding onto aging operating systems and PCs many years after their sell-by date. A couple of years back, for example, an entire publishing and events office was discovered to still be running on Windows XP. No doubt there are XP machines sitting about in unsuspected places. Yet Microsoft ended support for that OS a decade ago. Since then, no security updates have been issued for it.

The same thing now applies to Windows 7 and 8. According to StatCounter, Windows 7 accounts for 11% of global Windows users as of September of 2022. Windows 8 has almost 4% market share and XP still manages half a percent. But even though the bulk of users have transitioned to Windows 10 (68% and are being heavily encouraged to make the switch to Windows 11 (currently only accounting for 17% of Windows users), that still leaves a large number running on obsolete, unsupported, and highly insecure OSes.

Windows, after all, rules the desktop and laptop space with three quarters of all installations. Microsoft estimates that 1.5 billion devices worldwide are running on Windows 10 or above. That means several hundred million users continue to run XP, Windows 7, and Windows 8 – and some of them could be lurking within your network or somewhere along your supply chain.

It becomes an urgent priority for organizations to find these users and upgrade them fast. Otherwise, they will no longer qualify for technical assistance and will get no more software updates. Crucial security updates for Windows 7 and 8 have officially ended. Any new exploits that can attack these systems will receive no patches from Microsoft.

Microsoft is asking Windows 7 users to skip 10 and move directly to Windows 11.

“PCs have changed substantially since Windows 7 was first released 10 years ago. Today’s computers are faster, more powerful, and sleeker – plus they come with Windows 11 already installed,” said an official announcement from Microsoft.

In most cases, a PC or laptop upgrade will be required – the new OS has much higher requirements for memory and processing power.

Anyone considering hedging their bets and moving to Windows 10 should know that its support will end in the fall of 2025. Why upgrade yet again in a couple of years and open yourself to yet another round of insecure devices to fix?

Those determined to stick with Windows 7 face an uphill task. Not only is Microsoft abandoning them, so, too, is the rest of the software ecosystem. Google, for example, is about to release a new version of Chrome, which will no longer me operable on Windows 7 or 8. That means no more updates for Chrome users on Windows 7 and 8 i.e., yet another gaping security hole impacting those users.

When Windows 7 supported began to disappear a in 2020, it attracted a great many cybercriminals. They began to look for the OS, knowing that they could penetrate it due to well-known and no longer patched security holes. The FBI issued a warning to private industry to get rid of it as quickly as possible. Many have yet to heed that advice.

Steps to Take Immediately

In light of these announcements, organizations are urged to take the following steps.

1. Conduct a detailed inventory of all operating systems running throughout the enterprise using Syxsense Enterprise.

2. Note all versions of XP, Windows 7 and 8 running, as well as older no longer supported Windows 10 instances (such as versions 1803, 1809, and 1909).

3. Work out a plan on how these machines are to be a) protected right now b) moved to Windows 11, and c) replaced with more modern PCs and laptops that qualify to run Windows 11.

4. Until the migration occurs, place all Windows 7 and 8 systems behind a dedicated firewall and protect them with intrusion prevention and anti-malware tools. Also, disable remote access to those systems unless sit is behind a VPN.

5. Survey your supply chain partners and even customers that have trusted access to your network. Verify that they have no users still on obsolete Windows OSes. Demand that only those on Windows 10 and 11 will be allowed access.

6. Use Syxsense Enterprise to conduct regular vulnerability scans throughout the network, and initiate remediation steps for vulnerabilities found.

7. Set up Syxsense Enterprise to automatically prioritize, deploy patches throughout the enterprise.

Syxsense centrally manages, and fully automates all inventorying, scanning, patching, and remediation. It reviews, verifies, tests, and issues all patches within three hours of issuance. Its software can automatically deploy those patches to all users and devices. It also contains a patch rollback function in one of the rare instances when a problem arises due to a new patch. This represents the most efficient way to deal with the onslaught of new patches. It also frees up IT and security personnel to take care of other urgent areas of security for the enterprise.

For more information, visit: www.Syxsense.com

A recent survey by Foundry Research highlighted the fact that little has changed in the cybersecurity world of late. Organizations remain deeply worried about their inability to spot threats, respond to them in a timely manner, and train staff to avoid being tricked by scammers.

Across public and private sector organizations, the biggest issues were found to be threat response/remediation (55% among public sector and 53% among private sector respondents), improving detection of emerging threats (49% and 47%, respectively), and improving user security awareness (46% and 50%). Further issues cited included securing the supply chain (37% in the private sector compared to 28% among public sector respondents) and enabling secure Work-From-Home (WFH) or remote work (31% compared to 22%).

These findings demonstrate that the basics of security remain areas of difficulty in many government and private organizations. A big part of the issue is that these organizations are overwhelmed by the volume of data they must deal with to maintain a tight security posture. They are inundated with alerts and must trawl through massive logs across multiple applications to try to spot what is going on. Accordingly, the survey revealed that public sector organizations, in particular, struggle to leverage data to detect and prevent threats (63% compared to 49% of private sector respondents) and mitigate cybersecurity events (66% versus 56%). More than half of all agencies and organizations believe that it is challenging to harness data to inform cybersecurity decisions, detect and prevent threats, and mitigate events.

What underlies these challenges? Skills gaps (40% among both public and private sector respondents), lack of resources (31% public sector, 35% private), data integration (28% and 33%), and lack of visibility into the threat landscape (32% and 29%) were cited in the report. These issues inhibit their ability to act on data and resolve security events.

Budget, too, is a major obstacle when it comes to addressing cybersecurity priorities, according to three quarters of organizations surveyed. 48% of public sector respondents reported budgeting as an obstacle to a great extent and another 31% to some extent. In the private sector, 35% say budget impacts them to a great extent (35%) or to some extent (40%). More than one-third said their cybersecurity budgets were too low to address priorities and mandates (44% of public sector, 35% of private sector).

Getting Help with Cybersecurity

These results indicate that organizations need all the help they can get when it comes to cybersecurity. They are having trouble managing the many in-house security tools they have at their disposal, don’t have enough trained personnel to understand their risk posture and respond effectively to threats, and lack adequate budgets to resolve their ongoing security problems. The solution to these woes is to import as much help as possible via SaaS applications for cybersecurity. These can either be delivered directly from the vendor or via an MSP.

Syxsense Enterprise is a SaaS platform that automates the entire process of managing, monitoring, patching, scanning and remediating endpoints anywhere. It provides the necessary level of automation to make it feasible for IT to manage a vast number of endpoints, and soon, an even larger number of IoT devices and sensors. It automates all aspects of endpoint management and security. It is the only way to stay on top of patches, vulnerabilities, and endpoint security.

Alternatively, Syxsense Enterprise can be white labelled and offered to MSPs as a new service for their clientele. The Syxsense Managed Service provider program is designed for MSPs and MSSPs looking to provide a higher level of management services to their customers. It consolidates multiple solutions together into a single offering that includes IT Management, Patch Management, Security Vulnerability Remediation, and a robust policy based Zero Trust product.

Syxsense combines the power of artificial intelligence with industry expertise to help customers predict and remove security threats across all devices. Its unified security and endpoint management platform centralizes the three key elements of endpoint security management (vulnerabilities, patch, and compliance) and layers on a powerful workflow automation tool called Syxsense Cortex™ through a single cloud-based platform, enabling greater efficiency and collaboration between teams. The always-on technology performs in real-time so businesses can operate free of disruption from security breaches that cripple productivity and expose them to financial risk and reputational harm.

For more information, visit: www.Syxsense.com

A new study examined Security Service Edge (SSE) adoption, and the role it plays in establishing a zero-trust architecture. According to the report, SSE’s popularity is reflected in the fact that 71% of cybersecurity professionals are familiar with it, despite it only being around for about two years. In fact, SSE ranks above single sign on (SSO), multifactor authentication (MFA), endpoint security, and Security Information and Event Management (SIEM) in the minds of IT executives as a key technology in the achievement of zero trust. That’s why 65% of organizations plan to adopt SSE in the next 24 months, with 43% planning on implementing before the end of 2023.

Zero trust is all about securing endpoints, applications, IT infrastructure, and data based on the assumption that any network or endpoint is always at risk of either internal or internal attack. Accordingly, zero trust means individuals are not automatically trusted just because they are on the network. They must prove who they are and are given limited access to only the systems they need. The same applies to devices. Zero trust verifies machine identities and picks up changes such as the browser being used for access. In essence, all devices and identities are not trusted and are denied access to corporate assets until they can meet a defined set of criteria.

SSE has quickly become a top strategic initiative for organizations due to the role it plays in Secure Access Service Edge (SASE) adoption and successful zero trust implementations. The study found that 67% plan to start their SASE strategy with an SSE platform, compared to 33% with SD-WAN. Why? SSE is seen as more secure while also bringing gains in terms of cost reduction and productivity.

Access Complexity

An area of confusion emerged in the study – access complexity. Researchers found that 63% of enterprises have at least three access security solutions in play. Nearly a quarter leverage six or more access solutions. As well as raising costs, management complexity, and taking up IT time, this mess of access applications inevitably leads to security holes. Cybercriminals are eager to exploit any areas where access controls are weak or missing. Users of legacy access solutions, in particular, believed their top challenge was that their current platforms granted too much inherent trust to users. This goes against the grain of the zero-trust mindset.

The survey showed that SSE services are seen as providing a means of reducing costs. The top two legacy solutions that enterprise security teams will look to replace with SSE in the coming year will be VPN Concentrators (63%) for VPN, SSL inspection services (50%), Distributed Denial of Service (DDoS) (44%), and data loss prevention (DLP) services (42%).

Implementing Zero Trust in the Enterprise

Security vendors are coming to market with all manner of tools aimed at achieving zero trust goals. The latest version of Syxsense Enterprise forwards these goals via an integrated Zero Trust module. By using Syxsense for vulnerability detection management and remediation, organizations have no need to add additional products or tools to achieve zero trust protection. Further, Syxsense Enterprise consolidates different tools for patching, vulnerability scanning, remediation, mobile device management (MDM), and zero trust in one unified platform. It blocks users on untrusted devices, automatically triggers actions to prevent breaches, and enables endpoint compliance using Zero Trust Network Access policies (ZTNA).

The Syxsense Zero Trust module, then, serves as a trust evaluation engine for endpoints. Security teams can use it to build sophisticated access policies, apply

apply fixes and remediate issues in real time to enable (or block) access. In addition, remediation of non-compliant endpoints includes automation to take care of tasks such as deploying an urgently needed security patch, updating the anti-virus signature database, and alerting IT about unauthorized access attempts.

For more information, visit: www.Syxsense.com

Software-as-a-Service (SaaS) is very much in demand, according to a new survey. This is good news for vendors offering SaaS services as well as MSPs who are grabbing a steadily larger slice of the expanding as-a-Service pie. The report reveals that many companies are struggling to manage their many SaaS applications. They often don’t know which apps are running, who authorized them, who needs them, and how much they cost. Only about 40% of businesses, it turns out, comprehensively track SaaS information. The rest are seriously lacking in relevant data about their SaaS portfolio.

One of the key findings was that 30% of organizations already spend 50% of more of their software budget on SaaS. Another 40% estimate that SaaS accounts for anywhere from 25% to 50% of their software expenditure. Thus, in the modern world, only 30% of organizations have less than 25% of their annual software budget being spent on SaaS. Clearly, SaaS is here to stay. That is good news for the vendors offering it as well as MSPs who add value by taking the management, tracking, and billing burden away from user organizations. These MSPs provide the service, charge a monthly fee, and take care of everything for their clients. This frees up IT to work on strategic priorities.

The major areas where MSPs can gain ground, according to the survey, are security, compliance, and cost. Two-thirds of respondents expressed concern around security risks, data breaches, and noncompliance. No wonder MSSPs are picking up business from enterprise users to ensure their SaaS-rich environments are safeguarded. As well as taking over the running of SaaS applications for functions such as CRM, ERP, and backup, MSPs are gaining business by upselling a host of security tools such as patch management, vulnerability management, endpoint management, and more.

The survey also noted that 57% of respondents expressed concerns around wasted spending and hidden or untracked SaaS costs. Part of the problem is that 89% of companies said at least three departments were involved in SaaS management. While the IT/software asset management teams often took the lead, they typically deal with at least two other parts of the organization that want to be involved in selecting, deploying, and managing various parts of the SaaS estate. Again, this is an area where MSPs are stepping in as a means of centralizing SaaS management.

In some cases, MSPs help organizations optimize their SaaS application portfolios. 80% of companies covered in the report said they were actively optimizing their applications or were planning to. Similarly, 75% said application rationalization and consolidation was a stronger focus than before. In this arena, MSPs must compete with vendors offering application management and rationalization platforms.

Finding the Right Security Vendors

Those MSPs wanting to add security services to their current offerings are advised to choose their partners carefully. The Syxsense Managed Service provider program is designed for MSPs and MSSPs looking to provide a higher level of management services to their customers. It consolidates multiple solutions together into a single offering that includes IT Management, Patch Management, Security Vulnerability Remediation, and a robust policy-based Zero Trust product.

Syxsense provides innovative, intuitive SaaS-based endpoint security and management technology that combines the power of artificial intelligence with industry expertise to help customers predict and remove security threats across all devices including mobile. Our unified security and endpoint management platform centralizes the three key elements of endpoint security management (vulnerabilities, patch and compliance) and layers on a powerful workflow automation tool called Syxsense Cortex,™ all through a single cloud-based platform, enabling greater efficiency and collaboration between teams. The always-on technology performs in real-time so businesses can operate free of disruption from security breaches that cripple productivity and expose them to financial risk and reputational harm.

For more information, visit: www.Syxsense.com

Historically, successful attack strategies continue until adequate defenses are assembled. For example, the Mongol hordes ravaged Asia and Eastern Europe for centuries. A simple invention – the walled town – ended their ability to ride in from the wilderness and devastate a settlement. Since then, innovation has ended the dominance of the long bow and other forms of weaponry.

Maybe there will come a time when ransomware, too, will finally go away. But it is so lucrative that the bad guys are using it for all its worth. It is up to enterprises to up their game to be able to thwart it.

Ransomware Rising

Research from NCC Group reveals that ransomware activity is rising again. December of 2022 saw 269 ransomware attacks in the US, approaching the peak levels for the year seen that was experienced back in March and April of 2022. The leading antagonist in December was Lockbit, which accounted for 19% of attacks, followed by BianLain (12%) and BlackCat (11%). BianLain saw a 113% increase in ransomware activity for the month using the rare ‘Golang’ programming language. This group can encrypt victim devices rapidly and has a playbook that is causing concern. They release victim names in stages to prompt organizations into payment. If payment is not received, they release all the names.

Researchers at Comparitech came up with similar findings. They found 335 publicly reported ransomware attacks in 2022 in the US. But they drew attention to the previous year when double the number of ransomware attacks occurred.

Why the decline in 2022? One reason could be more targeted attacks. Hackers want to catch the biggest fish. They are going after them with more tailored tactics aimed at securing the biggest paydays. Further, in the event of non-payment, they prefer big names and well-known companies where there is a major embarrassment factor when they post the data for sale on the dark web or publish it online. Thus, we have seen ransom demands drop from an average of $5.5 million in 2021 to $4.74 million 2022 – yet the business sector experienced a surge in ransom demands, from $8.4 million average in 2021 to $13.2 million in 2022. Additionally, the average number of records breached in ransomware attacks in the business sector increased from 100,000 in 2021 to almost 900,000 in 2022.

The worldwide pattern largely follows that of the US. 1,365 ransomware attacks in 2021 dropping to 769 in 2022. However, the effectiveness of attacks has risen – again showing the likelihood of more precise targeting. In 2021, 49.8 million records were impacted by ransomware attacks and that number more than doubled to 115 million in 2022. Major victims include: TransUnion South Africa (54 million records), Russia’s Digital Network Systems (16 million records), Australia-based Optus (9.8 million), Medibank (9.7 million), and AirAsia Group (5 million).

Governmental and educational organizations remained heavily targeted by cybercriminals. Government-based ransomware attacks saw average ransom demands surge from $1.7 million in 2021 to a $10.2 million in 2022. Further, the volume of records breached per attack rose from 15,327 to 39,383.

Safeguarding the Enterprise

In the modern world, there is no time to bury one’s head in the sand and hope for the best when it comes to ransomware. Organizations should expect incursion attempts to be made steadily. Therefore, they must be well prepared in advance to prevent, detect, mitigate, and cleanse all systems before major damage occurs. They must ensure that no single unspotted vulnerability or unpatched system exists across their network.

Syxsense Enterprise offers a way to stop breaches with one endpoint security solution. It encompasses:

• Scanning for vulnerabilities: prevent cyberattacks by scanning authorization issues, security implementation, and antivirus status.
• Device quarantining: Block communication from an infected device to the internet, isolate the endpoint, and kill malicious processes before they spread.
• Patch Management: With support for all major operating systems, automatically deploy OS and third-party patches as well as Windows 10 Feature Updates.
• Collaboration: IT and security teams can automatically collaborate in a single console to know and close attack vectors.
• Mobile Device Management: Control over the devices in your organization to keep your business-critical resources secure on every single endpoint in your network.

For more information, visit: www.Syxsense.com