Introduction to Vulnerability Management
The number of attackers looking for weaknesses in your network environment is growing. These attackers are looking for vulnerabilities, such as outdated systems or software they can utilize to damage or potentially steal from your organization. The financial, healthcare and retail industries are bound to regulatory and compliance standards. Due to the legalities, it’s critical to be diligent and consistently monitor for vulnerabilities within our systems, addressing as appropriate. Organizations that are aware of this constant battle have the power to remediate many of these vulnerabilities by following some simple steps.
1. Managing Vulnerabilities
It is critical to first identify if any vulnerabilities exist, treat any vulnerabilities found, report the issue to appropriate personnel, and stay ahead of attacks by coordinating checks on a regular basis. Operationalizing this is critical, and often best performed by a specialized third party. In terms of scan frequency, we recommend quarterly scans but encourage a weekly scan schedule. First and foremost, you need to have a vulnerability scan run against your network, so you can identify if any vulnerabilities exist. After vulnerability scanning is completed, you are usually provided a report containing any vulnerabilities found including the name of the vulnerability, the date of discovery, criticality ratings, a description, and the process that will need to take place to remediate each specific item found.
2. Remediate Vulnerabilities
Once you identify the vulnerabilities within your network, it will be necessary to go through and treat any issues found. These vulnerabilities are separated into criticality ratings. It will be the responsibly of your Infosec provider and your IT team to determine what risks you are willing to accept and prioritize critical vulnerabilities. Vulnerabilities are usually remediated by updating specific software that may be significantly outdated, however, in more severe instances it can include replacing devices within your network.
3. Manage Vulnerabilities and Users
Once you have remediated any vulnerabilities found within your network, you should inform others of your findings so that these issues can be dealt with in the future. For example, if you find vulnerabilities pertaining to a certain user, it may be beneficial to follow up with the user so they can keep their machine well maintained and up to date. User education is critical. Staff should be aware of these vulnerabilities so they can do their part in helping to minimize the number of issues on the network. You will also want to keep this information for your records in proving your organization is compliant with current standards.
4. Maintain Security
Attackers are constantly looking for new ways to exploit our networks, this vulnerability management process never ends. As we continue to update and secure our systems, the attackers will then find new exploits in which we will need to remediate accordingly. We must all do our part in being diligent and keeping a close eye on our systems and software, making sure we fix the vulnerabilities before the bad guys find them.