Last updated at Fri, 13 Jan 2023 16:26:17 GMT
Save the links. Pass them around. And consider getting your copy of the new 2023 XDR Buyer’s Guide—because if this isn’t a time for reckoning and progress, what is?
The news: on Wednesday, the United States grounded all flights coast-to-coast for the first time since 9/11. The Federal Aviation Administration’s (FAA) Notice to Air Missions system (NOTAM) failed, leaving pilots without vital information they need to fly.
Separate from air traffic control systems, NOTAM ingests data from over 19,000 U.S. airports big and small. It then alerts specific pilots about specific anomalies to expect during 45,000 flights every day: the very latest runway closures, airspace restrictions, disruption of navigational signals, birds that can threaten a plane’s engines, anything.
Apparently, a corrupted file in the software was to blame for the system failure. This, from NBC News:
“...a government official said a corrupted file that affected both the primary and the backup NOTAM systems appeared to be the culprit. Investigators are working to determine if human error or malice is to blame for taking down the system, which eight contract employees had access to. At least one, perhaps two, of those contractors made the edit that corrupted the system, two government sources said Thursday.”
It will likely be a while before we know exactly what happened. But security practitioners might consider jumping to one conclusion today: your argument for investing in a detection and response solution which will provide visibility across your modern environment just got better. It’s important to have the right tools and systems in place, in all areas of your business from infrastructure to security, in order to have business continuity. Even with initiatives like legacy modernization, security teams need to have a view of their threat landscape as it expands.
Is anyone more responsible for business continuity than you?
Recently, CISOs have been named as defendants in several shareholder, civil, and criminal actions. At the same time, CISOs are feeling less and less “personal responsibility” for security events, dropping from 71% to 57% in just one year. Security teams are spending more than half their time manually producing reports, pulling in data from multiple siloed tools. And silos present unacceptable risk. Something has to give.
While capabilities can vary across XDR vendors, the promise is to integrate and correlate data from numerous security tools — and from across varying environments — so you can see, prioritize, and eliminate threats, and move on quickly. The vendor evaluation process isn’t easy. But XDR is well worth it.
The 2023 XDR Buyer’s Guide includes:
- Must-have requirements any real XDR offers
- How XDR can be a staffing and efficiency game-changer
- Key questions to ask as you evaluate options
The hidden lesson in the NOTAM outage? Less is more.
Patrick Kiley, Principal Security Consultant and Research Lead at Rapid7 has a long transportation background. He said that when organizations need to migrate off dated systems, it tends to be a “forklift upgrade, which typically requires significant resources.” That could include development, testing, cloud computing or hardware investment, and of course skilled cybersecurity personnel—who are in short supply these days.
“This kind of migration is a bear,” Kiley said, “so organizations tend to put them off.”
What’s not a bear? Getting your copy of the 2023 XDR Buyer’s Guide.