As revealed in IT News, the QLD Government is expecting to roll out a whole of government approach to vulnerability scanning by October 2016.
The initiative comes on the heels of a breach last year of the Department of Education and its TAFE. Hackers made off with data collected from the complaints portal including details of alleged sexual assault. Since then the Government’s CIO, Andrew Mills, has been working with a new cyber security team to fortify QLD’s IT defences.
The scanning service will cover all public-facing websites as well as internal networks.
The news is a timely reminder of the benefits of Continuous Vulnerability Management. It’s an approach that every company should adopt. Most automated hacks are exploits of unpatched software. There are teams of researchers on both sides of the law all working to detect vulnerabilities in common operating and productivity software that allow them to compromise networks. The bad guys don’t report it when they find a hole but the good guys do and when that happens the software owners usually make a patch available.
Continuous Vulnerability Scanning ensures that as new vulnerabilities are discovered “in the wild” you can be alerted if software on your network carries the same issue. Then, working with a security team like ours, you can choose to apply a patch or otherwise mitigate the likelihood that your software’s vulnerability will affect the rest of your network, your operations and your brand.
James Walker
