Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

Nikos Mavrogiannopoulos
on 1 September 2021


The cybersecurity state of affairs can be described as too complex today. There is an enormous number of threats endangering sensitive data for the average IT team to cope with. Threats ranging from exposure of physical assets stored in an office, to “social engineering” attacks resulting in unauthorized access, or even threats that exploit obscure software vulnerabilities. Irrespective of the threat vector used in an attack, the result of a data breach can be severe; in the Colonial pipeline case operations were seriously compromised, while on  an Airline hack private data and credit card information of 3.5 million customers were exposed. Despite the complex landscape and the high visibility attacks, a fraction of all organizations suffer data breaches, with some having adapted to the landscape better than others. 

Critical infrastructure is regulated

At the same time, regulators and customers expect more, and sectors that manage critical infrastructure such as healthcare, banking, digital infrastructure and services, water supply, energy, and several others are held to high security standards. EU’s NIS2 directive, or US’ executive order on cybersecurity demonstrate that the direction is clear. Critical infrastructure whether hardware or software-based needs to be deployed and maintained securely for its lifetime.

Should I improve cybersecurity in my organization?

Navigating the cybersecurity space may seem like a luxury or too intimidating for smaller organizations; there are many cybersecurity frameworks to choose from, and benefits may not be immediately visible before a breach is experienced. Customer private data, customer databases, as well as business credibility are things that organizations value, though not always taking the necessary precautions to safeguard them. Frameworks such as the NIST cybersecurity framework, CIS controls, PCI-DSS, SOC2, ISO27000 to list a few, are available to guide an organization’s cybersecurity plan implementation, while paradigms like zero-trust security set the right mentality and end-goals. Ultimately most frameworks define cybersecurity controls and best practices, to enable businesses to reduce operational and business risks by adapting on the Internet threat landscape.

While the complexity and expertise required for cybersecurity is high, the major points of these frameworks are about few simple notions. Notions like knowing what you have, configuring it securely and managing it well. That is, it is impossible to secure some estate without an inventory of the estate (knowing what you have) and a monitoring mechanism. At the same time these systems must be configured securely, enabling malware defenses and hardening to reduce their attack surface and the necessary maintenance tasks. At last but not least continuous vulnerability patching, kernel livepatching and regular maintenance will ensure the risks of breaches is reduced.

How can Canonical enable my organization?

Whatever framework you decide to implement, and whichever path you follow to reach your desired cybersecurity state, you can rely on Canonical to provide you with Ubuntu, a world class open source operating system designed for today’s cybersecurity landscape. Ubuntu Pro and Ubuntu Advantage include a comprehensive cybersecurity-focused stack that covers not only the bits and bytes of the operating system, but also the software management security controls. Ubuntu Pro and Ubuntu Advantage come with minimal attack surface, malware defenses in place, automated secure configuration guidelines, lifecycle of 10 years with Extended Security Maintenance, kernel Livepatching, security certifications and Enterprise grade support to enable your cybersecurity strategy. Furthermore Canonical builds on the secure foundation of Ubuntu to provide open source computing infrastructure such as OpenStack and Kubernetes for your enterprise workloads, and Landscape for systems management.

While there is no state of absolute security, leading your organization through the cybersecurity path will bring it to a state where the security incident and breach risks are getting gradually detected, reduced and put under control. A successful cybersecurity program, whether closely following a framework or being certified for it, will only be measured by its ability to reduce risk to keep the organization secure. There is no panacea for cybersecurity, and getting to the next step requires the right foundations. Ubuntu Pro and Ubuntu Advantage set the software foundations for your cybersecurity path.

Related posts


Lech Sandecki
23 October 2024

6 facts for CentOS users who are holding on

Cloud and server Article

Considering migrating to Ubuntu from other Linux platforms, such as CentOS? Find six useful facts to get started! ...


Kris Sharma
17 October 2024

Why is Ubuntu Linux the leading choice to replace CentOS for financial services?

Financial Services Article

Financial services are powered by technology. The customer experience is increasingly driven by data, with tailoring of products and services to reflect individual behaviors and preferences. All of this rests on a foundation of secure, stable technology that can support agility and flexibility to adapt to customer needs, whilst at the sam ...


eslerm
19 November 2024

Needrestart local privilege escalation vulnerability fixes available

Ubuntu Article

Qualys discovered vulnerabilities which allow a local attacker to gain root privileges in the needrestart package (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, and CVE-2024-11003) and a related issue in libmodule-scandeps-perl (CVE-2024-10224). The vulnerabilities affect Debian, Ubuntu and other Linux distributions. Canonical’s securit ...