Why Understanding Vulnerability Management is Important

Published on 24 December 13

Wikipedia describes vulnerability management as "the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities, especially in software and firmware". Vulnerability management is an integral part of computer and network security. If you are responsible for managing company servers and/or networks, it is vital for you to understand, and implement, vulnerability management.

Where can vulnerability attacks come from?

• From outside the network

• From inside the network, perhaps via a VPN (virtual private network)

• From outside over the telephone, using such tricks as social engineering

• From an insider on the local network

• From an insider on the local system

• From malware

What might management fear from network vulnerability? These are a few examples:

• A web server compromise can expose the organization to widespread ridicule.

• A server compromise might allow private customer data to be stolen, which could lead to claims for compensation, especially if it involves credit card details.

• An insider who is angry might do something mischievous, like launch a logic bomb to destroy data.

• An insider who feels aggrieved sells company trade secrets.

• Employees might be deceived by social engineering tricks, which might leak sensitive data to the press.

• A hacker who penetrates systems might find evidence of wrongdoing that can then be used to blackmail the company.

What should you know about vulnerability management?

• Vulnerabilities are gateways through which threats become manifest.

• Scanning for vulnerabilities without remediating them has little value.

• A little scanning and remediation is better than a lot of scanning and less remediation.

• Vulnerabilities that need fixing have to be prioritised based on those that pose the most immediate risk to the network.

• Security experts need processes to allow them to stay focused on vulnerabilities so that fixes can become more frequent and effective.

All an attacker needs is a toe-hold. If there is a single vulnerability left unfixed and it can be reached from outside the organization AND it is compromised, then the vulnerability can be used as a springboard to attack other systems on the network. If a data breach occurs and it is traced back to a flaw the company was aware of but hadn't fixed, the consequences can be serious. Think of the damages phase of a court case!

So the regular pattern of vulnerability management should be to: scan the network and identify vulnerabilities; prioritise those that are found; identify fixes; and apply the fixes.

The starting point for managing computer vulnerabilities is an asset register. What hardware and software does the company own? What versions are they? Where are they? There are many software packages that can be obtained to automate this process, normally by searching the company network for attached systems and devices, discovering disk drives and auditing them for installed software. Don't forget to include backup or spare systems that may not be switched on all the time: they have to be audited too, in case they contain risks from unpatched old software.
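The scan, prioritise, fix cycle described above, applied to an asset register, as an added example that is not part of the original post. Host names, installed versions, severity scores and the VULN-n identifiers are constructed placeholders, not real advisories; the weighting rule (externally reachable hosts count double, powered-off spares are still listed) is an assumption that mirrors the post's own priorities.

```python
# Added example, not from the original post: prioritise scan findings against
# an asset register, as the post's scan -> prioritise -> fix cycle describes.
# Host names, versions, scores and the VULN-n identifiers are constructed.
from dataclasses import dataclass

@dataclass
class Asset:
    name: str
    software: dict          # package -> installed version
    internet_facing: bool   # reachable from outside the organisation
    powered_on: bool        # spare/backup boxes may be off but still count

@dataclass
class Advisory:
    ident: str
    package: str
    fixed_in: str           # first version that is not affected
    severity: float         # 0-10, higher is worse

def version_tuple(v: str) -> tuple:
    return tuple(int(p) for p in v.split("."))

def affected(asset: Asset, adv: Advisory) -> bool:
    """Affected if the asset runs the package at a version below the fix."""
    installed = asset.software.get(adv.package)
    return installed is not None and version_tuple(installed) < version_tuple(adv.fixed_in)

def risk_score(asset: Asset, adv: Advisory) -> float:
    """Externally reachable hosts are the toe-hold the post warns about, so they
    are weighted up (assumed rule). Powered-off spares still carry the flaw."""
    return adv.severity * (2 if asset.internet_facing else 1)

def prioritise(assets: list, advisories: list) -> list:
    """Return (risk, host, advisory id, fixed_in) tuples, worst first."""
    findings = [(risk_score(a, adv), a.name, adv.ident, adv.fixed_in)
                for a in assets for adv in advisories if affected(a, adv)]
    return sorted(findings, key=lambda f: (-f[0], f[1]))

# Constructed sample register and advisory feed.
ASSETS = [
    Asset("web-01", {"httpd": "2.4.1", "openssl": "1.0.1"}, True, True),
    Asset("db-01", {"postgres": "9.2.0", "openssl": "1.0.1"}, False, True),
    Asset("spare-web", {"httpd": "2.2.9"}, False, False),
]
ADVISORIES = [
    Advisory("VULN-1", "openssl", "1.0.2", 7.5),
    Advisory("VULN-2", "httpd", "2.4.0", 5.0),
]
```

Running `prioritise(ASSETS, ADVISORIES)` lists the internet-facing web server first, then the internal database, then the powered-off spare, which is still on the list because it was audited rather than skipped.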

Depending upon the types of threats that an organisation might expect, it might be necessary to implement a network monitoring system to check network traffic continuously for unusual activity. For example, if a little-used server suddenly receives many data transfer requests, this might be suspicious. Some companies set up traps by loading a server with interesting, but fake, data with the aim of sidetracking hackers away from the real data they are after.
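A small baseline check for the "little-used server suddenly receives many data transfer requests" case above, as an added example that is not part of the original post. The flow records, host names and the spike ratio are constructed for illustration; a real deployment would read these from a flow collector or proxy log.

```python
# Added example, not from the original post: flag a host whose daily request
# count or transferred bytes jump well above its own history. Log lines,
# host names and the ratio threshold below are constructed for illustration.
from collections import defaultdict
from statistics import mean

# Constructed flow records: "YYYY-MM-DD HH:MM src dst bytes"
LOG = """\
2013-12-20 09:00 10.0.0.5 files-old 1200
2013-12-21 09:10 10.0.0.7 files-old 900
2013-12-22 10:00 10.0.0.5 files-old 1100
2013-12-23 11:30 10.0.0.9 files-old 22000
2013-12-23 11:31 10.0.0.9 files-old 25000
2013-12-23 11:32 10.0.0.9 files-old 24000
2013-12-23 11:33 10.0.0.9 files-old 26000
2013-12-23 11:34 10.0.0.9 files-old 27000
2013-12-20 09:00 10.0.0.5 web-01 3000
2013-12-23 11:30 10.0.0.5 web-01 3100
"""

def parse(log: str) -> dict:
    """Group records by destination host, then by day -> list of byte counts."""
    per_host = defaultdict(lambda: defaultdict(list))
    for line in log.splitlines():
        day, _time, _src, dst, nbytes = line.split()
        per_host[dst][day].append(int(nbytes))
    return per_host

def spikes(log: str, min_days: int = 3, ratio: float = 4.0) -> list:
    """Return (host, day) pairs where that day's request count or byte total
    exceeds `ratio` times the mean of the earlier days. Hosts with fewer than
    `min_days` of history are skipped: there is no baseline to compare against."""
    alerts = []
    for host, days in parse(log).items():
        history = sorted(days)
        for i, day in enumerate(history):
            if i < min_days:
                continue
            base_req = mean(len(days[d]) for d in history[:i])
            base_bytes = mean(sum(days[d]) for d in history[:i])
            if len(days[day]) > ratio * base_req or sum(days[day]) > ratio * base_bytes:
                alerts.append((host, day))
    return alerts
```

On the constructed log, `spikes(LOG)` flags only files-old on 2013-12-23; web-01 has too little history to judge, which is the right answer rather than a false alarm.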

Vulnerability management should be high on the agenda of essential IT processes for most businesses. It is vital for business management to understand it and how it can protect the company.

Visit Logitrain, select the IT training package in which you want to enrol, and get a discount offer. By enrolling in an IT training package you can save up to $1500.

