This Week in Cyber: April 11th – April 15th

Digital Security by Design

This week, Microsoft announced that it intends to make generally available a feature called Autopatch as part of Windows Enterprise E3 in July 2022.

Windows Autopatch is intended to work with all supported versions of Windows 10, Windows 11, and Windows 365 for Enterprise. Windows Server OS and Windows 365 for Business, however, are not supported.

The tech giant said the feature is aimed at tackling the complexity associated with software updates in enterprise IT environments as well as closing security gaps introduced because of not applying patches in a timely fashion, thereby opening the door to potential new threats.

John Goodacre, Director of Digital Security by Design and Professor of Computer Architectures at Manchester University, shares:

“Cybersecurity traditionally focuses on the end user of an application or product to protect themselves from cyber harm.  As the risks from cyber-attacks increase, it’s clear the demand on keeping up with patches is unsustainable both for the developers, and the end users.

The autopatch approach from Microsoft will bring an additional tool to businesses with managed desktops that could reduce the cost of that management and accelerate the deployment of patches reducing the opportunity of harm. This will leave businesses able to focus on their specific processes and applications.

Microsoft is also working with the UKRI Digital Security by Design programme, to investigate how the evolving DSbD technologies can reduce the need to urgently patch systems with around 70% of the ongoing vulnerabilities capable of being blocked from exploitation by design.”

Also announced this week was the beta availability of DuckDuckGo’s privacy-focused browsing for Mac. Just like the mobile browsing app, DuckDuckGo on Mac uses the DuckDuckGo search engine by default, automatically blocks web trackers, and comes with the famous “Fire” button that burns up your browsing history and tabs in a single click.

The browsing app also comes with a new feature that’s supposed to help block those pesky cookie consent pop-ups that appear when you first open a website. DuckDuckGo says it will clear them on 50 percent of sites, while automatically selecting the option that blocks or minimizes the cookies that track you.

Commenting on the announcement, and quoted in The Sun, John Goodacre said “Privacy is the currency against which convenience and relevance are often traded. Consumers regularly confuse privacy with secrecy or security. In all cases, the root concern is often whether the consequence is harm.  Whether users should switch their browser is the type of complex decision which can often be led by social pressure more than reduction in their risk of harm.  The more products that can reduce the risk of cyber-harm by default and by design the better it will be for everyone.”

 

 


You can follow updates @DSbDTech or via LinkedIn here  #DSbDtech

Follow Innovate UK

Twitter @innovateuk

Innovate UK on Linkedin

You can find out more about the Industrial Strategy Challenge Fund here

Delivered by Digital Catapult, funded by UKRI through the Digital Security by Design programme.