Is Your Security Response Built For Speed?

  • December 23rd, 2021 at 9:48 am

When a cyber-attack occurs, rapid action is essential. The longer it takes to resolve a problem, the more time cyber-criminals have to wreak havoc and capture your precious data.

According to the latest HP Security Threats Insights Report, there’s a clear and very common vulnerability window between the time an attack is discovered and the time it takes a vendor to release a patch, and for users to then test and deploy that patch[i].

Recently, for instance, on the 21st of August, a researcher found an exploited vulnerability within Microsoft Office[i] – “CVE-2021-40444”. A few additional instances of this vulnerability being exploited were identified in early September. This led Microsoft to release a bulletin on the 7th of September, and then a patch on the 14th of September. Even though Microsoft’s action was relatively swift, this left a considerable window in which attackers were able to swoop.

Source: HP Security Threats Insights Report Q3 2021[i]

Sadly, thanks to the increasing sophistication of most attacks, many organisations also don’t even realise they’ve been hacked, or their data has been stolen, until it’s too late.

A recent survey revealed that almost half (47%) of organisations haven’t actually assessed the readiness of their incident response teams, which means the first time they test their plans will be in the midst of an attack[i].

The Microsoft situation above certainly isn’t an isolated one. Security vulnerabilities and risks are isolated on a frequent basis, and attackers are now using very popular channels and methods to gain entry. In the third quarter of 2021, 89% of threats isolated by HP Wolf Security were delivered via email[i].

In the same quarter, HP also saw more threat actors piggybacking off legitimate file-sharing services – which allow users to upload and share files – to host malware.[i]

So what can be done?

While patch management remains a critical part of cyber-security protection, what’s needed is a threat containment approach: one which protects enterprises against unknown vulnerabilities and scenarios where a patch is yet to be released – as was the case with CVE-2021-40444.

HP Sure Click’s threat containment technology, for instance, completely eliminates the risk window between risk and action. In the case of CVE-2021-40444, the vulnerable MSHTML component of Windows is isolated inside a micro-Virtual Machine, protecting the host system from infection. This removes the need for network defenders to rely solely on detections and mitigations, which may be imperfect and become obsolete quickly as the understanding of the scope of a vulnerability evolves.

Want to find out more?

Visit the Wolf blog page for more stories like this, and to find out how HP’s Wolf Security could help your business.

Download the eBook – which includes a raft of information to help you set up a business technology plan and get secure.

[i] Theatre Search, HP Wolf Security Threat Insights Report, [online],

[i] Harvard Business Review, Cyberattacks are inevitable – is your business prepared? [online],

[i] Theatre Search, HP Wolf Security Threat Insights Report, [online],

[i] Theatre Search, HP Wolf Security Threat Insights Report, [online],

[i] Theatre Search, HP Wolf Security Threat Insights Report, [online],
