3 min read | novembre 14, 2019 | Bill Dunnion
Prioritizing Security Risks—Not Vulnerabilities
With an attack surface that’s borderless, complicated, and connected to everyone and everything, it’s difficult, verging on the impossible, to fully protect the business from data breaches and their far-reaching consequences.
Furthermore, if the company is relying on traditional firewall and antivirus security, then it is ignoring the need for a holistic approach to cyber security that will effectively combat cyber crime. Today, such a holistic approach is essential: according to Hosting Tribunal, 73% of black hat hackers (those with criminal intent) said traditional firewall and antivirus security are irrelevant or obsolete. Even so, that’s not completely true as companies can put into action many lines of defense—there’s no single solution that will address all security threats.
And that brings us to vulnerability and patch management. First, let’s look at vulnerability management and how it helps in the fight against cyber crime. Companies must understand the types of vulnerabilities that exist and have in-depth knowledge of the attack surface, which includes containers, mobile devices, IoT devices, cloud instances, web applications, and point-of-sale (POS) terminals. As well, they must take into consideration endpoints that are a massive, growing attack surface and, as such, a highly appealing target for cyber criminals.
Vulnerability, according to Gartner (2019), is only as bad as the threat exploiting it and the impact it has on the business. The best approach, therefore, is to implement a vulnerability management program on the basis of the risk—the threat that is exploiting the vulnerability. Look at the types of risk and then list them in order of priority. This ensures that less risky vulnerabilities are not addressed first. The less risky ones, of course, can be addressed later as they are less likely to be exploited.
To help prioritize IT risks look at threat intelligence, which “…is evidence-based knowledge, including context, mechanisms, indicators, implications and action-oriented advice about an existing or emerging menace or hazard to assets. This intelligence can be used to inform decisions regarding the subject’s response to that menace or hazard” (Gartner). With such real-time data, companies can fine-tune processes and can take preemptive actions such as a patching management program.
Although effective community policing against cyber crime is through the increased use of open-source software, it is difficult to know if the open source components used in applications are up-to-date with all critical patches applied. To keep open source software components risk free, it’s necessary to continually track open source components and their dependencies, while keeping up-to-date with open source community intelligence and updates through automated open source management tools.
This brings us to patching management, a critical tool that implemented properly does help to prevent breaches. In some cases, breaches have occurred because patches weren’t applied right after release, giving cyber criminals unbelievable opportunities: when a patch is released, the vulnerability is disclosed. In other words, patch as soon as possible, and automate as much as possible. With cloud-based automated patch management software, regular scans can be scheduled and patches can be applied under specific conditions or automatically.
A risk-based approach to threat and vulnerability management provides a benchmark, a rating that helps the business determine whether the risk will happen, whether it’s above acceptable levels, and how soon action should be taken. Through automation, tasks can be quickly delegated and remediation actions undertaken—within established timelines. This is, obviously, critical as the number and sophistication of threatened cyber attacks continue to increase exponentially.
When a business implements risk-based vulnerability management, it has the best of two worlds: the traditional vulnerability assessment and the latest threat and vulnerability management program. These are unified into one platform.
Stop looking at vulnerabilities without context. Implement a risk-based vulnerability management program. Integrate security intelligence. Prioritize risks. And secure your IT environment with real-time defenses.[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]
décembre 9, 2022
Calian IT and Cyber Solutions once again listed on the Houston Business Journal’s 2022 Largest Houston-area Cybersecurity Companies List
Calian IT and Cyber Solutions (ITCS), a leading provider of IT and cybersecurity services for enterprises across the United States for the last 40 years, was again listed on the Houston Business Journal’s 2022 Largest Houston-area Cybersecurity Companies List - a fourth...
novembre 30, 2022
Calian Receives Cisco Regional Partner of the Year Award: TAO at Cisco Partner Summit 2022
At Cisco Partner Summit 2022, Calian was honored with the Cisco Regional Partner of the Year Award for its innovation, leadership and best practice as a Cisco business partner across Texas, Arkansas and Oklahoma.
novembre 3, 2022
In Case of Emergency… Have a Plan
When an emergency occurs, it’s too late to plan or rehearse the response. Fires, floods and other disasters don’t pause while you get ready to address them. Policies, plans and procedures for response must be in place long before they are needed.