Following the discovery of Badlock earlier this week, @DFMag obtained the following insight from Cris Thomas (a.k.a. Space Rogue), Strategist at Tenable Network Security:
“We have three weeks before technical details are public and a patch is issued, but CISOs are already getting questions from their executives and boards about how they are preparing for Badlock and they need to have an answer.
“Few confirmed details about Badlock have been released, but it could be a major, wide-reaching vulnerability because Samba is an internal file sharing and printing protocol that is integrated into most operating systems. If an organization leaves the vulnerability unpatched, it could grant administrator or root access to every user account on the network or possibly allow remote code execution. Smart CISOs should start planning now to patch immediately once the fix is available. They should also prepare for the possibility that the vulnerability may be discovered or leak before the patch is available.
“With the unusual case of the PR announcement coming so far ahead of the patch, Samba has now become a prime target for hackers wanting to find Badlock before it is patched—as well as other previously undiscovered vulnerabilities to exploit.
“CISOs already have the tools in their arsenals to begin preparations, but then comes the part a lot of people forget about: communicating your strategy and overall security status to the board with language and metrics they will understand and be able to act on.
“The upside to such an early announcement is that it presents CISOs and CIOs with a rare opportunity to get ahead of the vulnerability conversation and set expectations about the response, rally resources and make sure they are in the best possible position to succeed.”