
No cybersecurity substitute for staying current
One of the most overlooked and yet most effective ways to ensure cybersecurity is to run the latest releases of software on relatively new hardware. The simple fact is that most older versions of software are riddled with unpatched vulnerabilities that are easy to exploit. Worse yet, flaws in older systems might not be discovered for several years after they have been introduced. A case in point is the so-called Downfall flaw, which Intel reports affects machines that might have been acquired as far back as 2015.
Far too many of the machines potentially impacted, including some with processors that won’t be formally discontinued until this year, are still being used. Most of the time it’s a small business that continues to rely on outdated hardware to process transactions, but it’s not uncommon for even large enterprises to be using machines longer than they should. In the name of getting the most return on investment, some organizations tend to use some machines for three to five years.
The folly of that approach is that a lot of the technology used to build those machines has serious cybersecurity issues that are well known. Cybercriminals have all kinds of tools at their disposal for discovering and compromising machines running older versions of software with known vulnerabilities. In theory, much of the software on those machines should have been regularly updated in a way that applies patches to remediate vulnerabilities. In reality, however, vendors that build software don’t have infinite resources, so it’s almost always better to be running the latest release of software that was built by developers who now have a greater appreciation for cybersecurity.
That doesn’t mean that the latest version of software is going to be secure, but the odds that it will include a known, easily exploitable vulnerability are going to be far lower.
Hopefully, over time application security should improve as artificial intelligence (AI) makes it easier to identify known vulnerabilities as an application is developed. In the short term, however, AI might actually make things worse because a lot of the code that is automatically created using general-purpose platforms such as ChatGPT is flawed. AI platforms are creating code faster using examples found across the Web that contain security vulnerabilities, so garbage in naturally leads to garbage out. The issue is that the pace at which the garbage is coming out is accelerating.
On the plus side, large language models (LLMs) that provide the foundation for generative AI platforms can be trained to create better code. Unfortunately, until LLMs that specifically address application security issues are widely employed, the current gap between them and general-purpose AI platforms might make things worse in the months ahead before application security eventually gets better.
Despite that caveat, however, it is still generally safer to be running current applications on modern hardware. That may wind up being more expensive, but in most cases the cost is relatively trivial compared with the total cost of a data breach.