The effectiveness of an enterprise's cyber security portfolio depends on multiple factors, and an efficient vulnerability management program is one of the critical ones. Given the dynamic nature of attack vectors, it is important to build defense in depth from scratch by adopting a holistic view. The biggest challenge in this arena is to have an effective, measurable, dynamic process followed by seamless enforcement. On top of that, procedures have to be strong enough, and kept current, to deal effectively with vulnerabilities.
Enterprises invest in a robust technology platform supported by efficient processes and human intelligence, which needs to be monitored continuously to keep it current over time. The effectiveness of the platform depends on:
Efficiency and depth of process to deal with current situation
Effective program management by proficient, skilled and intelligent managers
Ability of the team to deep dive into the technology, to sense and capture vulnerabilities
Ability to detect weak links in the technology in advance and build a strong defense around them, thereby minimizing the risk of exploitation
Continuous detection efficiency and responsiveness of incident management
Readiness to deal with an attack, thereby minimizing the impact
Common types of vulnerabilities:
Default system installation
Misconfiguration
Erroneous security configuration
Unwanted open services & ports
Application vulnerability
Inbuilt OS vulnerability
Missing patch / service pack / fix
Administrative errors
Agent pollution
Unwanted privileged access
Mistakes in Vulnerability Management
Commissioning the technology before understanding it
Treating vulnerability management as part of a compliance program instead of a cyber defense program that leads to compliance
Believing that vulnerability management is only a technical problem, not a security process failure
Relying on a reactive platform to manage vulnerabilities
Failing to fix / upgrade the secure OS of devices
Investing in a mitigation plan rather than rolling out proactive defense in depth
Scanning but failing to act in time
Assessing a vulnerability without looking at the whole picture
Inefficient threat modeling, leading to neglect of high-volume, low-rated vulnerabilities that are spread across the platform
Thinking that timely patching is the same as vulnerability management
Being unprepared for the unknown -- "zero-day exploits"
Solution
Create a robust vulnerability management program with a blend of technology, process and intelligence
Establish a feed to learn about vulnerabilities in time to take proactive action
Build defense in depth by understanding the technology before commissioning it, then installing it securely and wrapping it appropriately with compensatory controls
Increase the effectiveness of the program through dynamic maintenance of supporting processes such as stringent hardening, secure builds, patch management and endpoint security
Rigorous, efficient scanning followed by effective analysis, threat modeling and fixing
Enforce monitorable and measurable parameters to assess the effectiveness of the program continuously and keep it dynamic
Effective technical audit, including architecture review, configuration review, administrative review, cross-VLAN connectivity testing, penetration testing, and process design and implementation review
Complement the program with highly efficient change management, version management and incident management programs
Benefits
Increased cyber defense automatically leading to compliance, which increases confidence among clients, employees and vendors, thereby boosting the confidence of the business
Proactive understanding of technology, leading to high security of IT assets
The enterprise is highly prepared to deal with zero-day attacks and exploits due to the reduced number of vulnerabilities
Highly efficient compensatory controls
Reduced chance of compromise and data breaches