The effectiveness of cyber security portfolio of an enterprise depends on multiple factors.  Efficient Vulnerability Management Program is one of the critical parameters to be considered. Considering the dynamic nature of the attack vectors, it is important to build the defense in depth from the scratch by adopting a holistic view. The biggest challenge in this arena is to have an effective measurable dynamic process followed by seamless enforcement.  On the top of it, procedures have to be strong enough and should be maintained with current context to effectively deal with vulnerabilities. 

Enterprises invest on robust technology platform supported by efficient process and human intelligence that needs to be monitored continuously to keep it vibrant with time. The effectiveness of platform depends on

  • Efficiency and depth of process to deal with current situation

  • Effective program management by proficient skilled & intelligent managers

  • Ability of team to dip dive in technology, to sense and capture them

  • Ability to detect the technology weak links in advance and build a strong aura of defense around thereby minimize the risk of exploitation

  • Continuous detection efficiency and responsiveness of incident management

  • Readiness to deal with attack thereby minimize the impact

 

Common types of vulnerabilities:

  • Default system installation

  • Misconfiguration

  • Erroneous security configuration

  • Unwanted open services & ports

  • Application vulnerability

  • Inbuilt OS vulnerability

  • Patch\SP\Fix missing

  • Administrative errors

  • Agent pollution

  • Unwanted privileged access

     

Mistakes of Vulnerability Management

  • Commissioning the technology before knowing the same

  • Treating vulnerability management as part of compliance program instead of cyber defense program leading to compliance 

  • Believing that vulnerability management is only a technical problem, not a security process failure

  • Reactive platform to manage the vulnerabilities

  • Failing to fix / upgrade the secure OS of devices

  • Investment in mitigation plan rather than rolling out a proactive defense in depth

  • Scanning but failing to act in-time

  • Assessing a vulnerability without looking at the whole picture

  • Inefficient threat modeling leading to neglected high volume low rated vulnerabilities that are spread over the platform

  • Thinking that in time patching is the same as vulnerability management.

  • Being unprepared for the unknown -- "zero-day exploits"

 

Solution

  • Create robust vulnerability management program with blend of technology, process and intelligence

  • Establish the feeder to be aware about vulnerabilities in time to take proactive actions

  •  Build the defense in depth by knowing the technology before commissioning thereby installing it securely and wrap it appropriately with compensatory controls 

  • Increase effectiveness of program through dynamic maintenance of supportive process like – stringent hardening, secure builds, patch management, endpoint security

  • Rigorous efficient scanning followed by effective analysis, threat modeling and fixing  

  • Enforce monitor able and measurable parameters to assess the effectiveness of the program continuously to keep it dynamic

  • Effective technical audit including – architecture review, configuration review, administrative review, cross VLAN connectivity testing, penetration testing, process design and implementation review

  • Complement the program by highly efficient change management, version management and incident management program 

 

Benefits

  • Increased cyber defense automatically leading to compliance which increases the confidence among clients, employees and vendors thereby boosting the confidence of the business

  • Proactive understanding of technology leading to high security of IT Assets

  • Enterprise is highly prepared to deal with “0” day attack & exploits due to reduced number of vulnerabilities

  • Highly efficient compensatory controls

  • Reduced chance of compromise and data breaches 

8669800662?profile=original

Checkout other training @ CISOPlatform

>> Cyber Forensics & Incident Response Training: Click Here

>> Network Forensic & Practical Packet Analysis: Click Here

>> Application Security Testing & Web Hacking: Click Here

>>Reverse Engineering & Malware Analysis: Click Here

>>Advanced Android & iOS Hands-on Exploitation - Click here

>> Decision Summit & Top 100 CISO Awards: Click Here

E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)