The Cybersecurity and Infrastructure Security Agency (CISA) has just updated their catalog of known exploited vulnerabilities. They added an additional 95 vulnerabilities, putting their list as of this writing at 489. This is important as these vulnerabilities are used by cyber criminals. These vulnerabilities impact commonly used IT solutions and should be addressed in a timely manner by those who deploy them.
Vulnerabilities impact small businesses
Small businesses come in many different forms, some requiring fully robust IT infrastructure, while others requiring very little. According to the Verizon Data Breach Investigation Report 2021, 80% of reported data breaches that involved a small business involved system intrusion, miscellaneous errors, and basic web application attacks. Cyber criminals use these known vulnerabilities to attack your networks.
What you can do
There are really two paths here, your small business utilizes an IT managed service provider or you manage IT internally.
For those who have a managed service provider, you should verify with them that they are proactively identifying if your small business deploys any of the tools identified in the list from CISA. It is always important to verify your service provider is managing these types of vulnerabilities regularly.
For those who manage your own IT internally, you will want to identify any of the tools listed and vulnerabilities. Some of these known vulnerabilities impact solutions like Adobe, Microsoft, Android, Apple, and others.
Fixing the vulnerabilities
If using a managed service provider, they will rank the vulnerabilities that impact your small business and address them in the order of risk to your business. If you do IT internally, that will fall upon you and your team.
It is generally best practice to address those with the highest risk to your IT infrastructure first and work your way down to the less risky. This way you can address the worst first.
For more on cybersecurity known exploited vulnerabilities and best practices check out Small Business, Big Threat!