Zero Day Remediation Tips: Preparing for the Next Vulnerability

Originally published by ThirdPartyTrust here.

Written by Sabrina Pagnotta, ThirdPartyTrust.

Software vulnerabilities are inevitable, but you can reduce their impact by acting fast. Follow these zero day remediation tips if you think your organization might be vulnerable to a newly discovered zero day.

With zero day exploits behind half of the biggest vulnerabilities and a surge in headline-grabbing attacks such as SolarWinds, Log4j, and Kaseya, the threat of zero day vulnerabilities is an ongoing concern for security teams.

Businesses increasingly run on software, which, unbeknownst to its developers, can contain vulnerabilities that attackers often discover and exploit before a patch is available. This makes zero day attacks inevitable, but their impact can be reduced if you’re prepared to act fast.

What to do if your organization was affected by a Zero Day

The first thing you need to do when a new zero day is reported is to assess the prevalence of the vulnerability in your organization and within your supply chain. In other words, determine if your organization or your vendors are utilizing vulnerable versions of the software in question.

As part of your due diligence and ongoing reassessment processes, you need to make sure that your vendors are enforcing standards that keep your business safe. Should a zero day vulnerability appear, you need to be able to promptly:

• Identify vulnerable third party vendors in your supply chain
• Ask them how they are planning to react and mitigate the vulnerability
• Update your requirements and request additional assurances

This would be difficult to achieve on a one-on-one basis, which is why these actions need to be conducted as part of a centralized, standardized third party risk management process (TPRM), as opposed to chasing vendors via email with spreadsheets.

5 zero day vulnerability remediation tips

1. Patch your systems

Vendors and makers usually act fast to issue a patch once the zero-day vulnerability is discovered. Install it as soon as it becomes available.

2. Assess risk exposure

Identify vulnerable third party vendors in your supply chain and check if your own organization is vulnerable.

3. Update your requirements

Ask your third parties for additional security requirements and assurances, and add them to your upcoming vendor contracts if needed.

4. Show your posture

If you are a vendor to other organizations, share an update of your security posture to let them know you already took the necessary steps.

5. Track, report, and conclude

Vulnerability management includes identifying, analyzing, remediating, and reporting phases; make sure everything is documented.