Cybersecurity Essentials: Vulnerability Management Programs

Vulnerability Management Programs

This is the first installment in a 4-part blog series on cyber-security, sponsored by our partner Netrality.

Part 2: Cybersecurity Essentials: Network Access Control (NAC)
Part 3: Cybersecurity Essentials: Cloud Security and SASE
Part 4: Cybersecurity Essentials: Next-Generation Anti-Virus Protection

Ransomware attacks are growing more than 350% annually. In 2019 alone, ransomware attacks in the United States cost government and industry over $7.5 billion. These attacks are becoming more sophisticated and causing more downtime, which now lasts an average of 16 days, up from 12 days last year.

No organization is immune from the threat of ransomware. When you are hit with such an attack, the malware infects your systems and locks you out of your own data. You’ll likely be faced with a difficult dilemma: spend weeks or possibly months repairing and restoring your systems – suffering the downtime and costs that would entail – or simply pay the ransom. Too often, paying the bad guys is the least expensive option.

You can’t protect what you can’t see

One of the biggest challenges in dealing with cyber-attacks is that vulnerability is never static. New vulnerabilities in IT systems are constantly emerging, creating new cyber-threats. These new vulnerabilities emerge when networks, applications, databases, hardware, and other solutions are upgraded or newly added to your IT ecosystem. These may become vulnerable due to misconfigurations, software defects, or simply because a “proper” configuration creates a safety risk no one thought of before.

Ransomware is designed to slip unnoticed past your security controls and exploit these vulnerabilities. It often utilizes trusted processes, such as email attachments designed to look like legitimate company documents. Employees unknowingly click on and download the attachments, and the hackers are in. The ransomware harnesses your internal systems, encrypting files and disabling backup and recovery processes before your IT security team knows what’s happening. The ransomware may even sit undetected for months, waiting for your systems to become sufficiently vulnerable.

To protect themselves, organizations of all types must employ a robust vulnerability management program (VMP).

VMPs reduce information security risk

Vulnerability management programs (VMPs) identify, prioritize, and remediate vulnerabilities before attackers can exploit them. They use a proactive, calculated approach to continuously scan enterprise assets for any possible vulnerabilities. Once vulnerabilities are discovered, the Information Security Team needs to plan their remediation. These programs can also perform continuous assessments of the current state of your enterprise cybersecurity.

Requirements of a successful VMP

A reliable VMP, one that lets you sleep soundly at night without worrying about ransomware or other types of cyber-attacks, is no longer optional in today’s cyber-threat landscape. It’s essential. So, what does reliable look like? Well, any VMP you can trust to protect your data must have the following capabilities:

Discovery

It is very difficult to protect assets you don’t even know you have. For this reason, the ability to maintain a comprehensive and up-to-date asset inventory is a fundamental component of any VMP. Your VMP must be able to create a list of all computing assets on your network. And since this list will constantly change, your VMP should be able to keep that list current through regular updates.

Asset Organization

In addition to having an accurate and up-to-date inventory of all assets on your system, it is equally important to classify your assets by purpose, function, location, and so on. Having your assets organized in a systematic way enables rapid remediation of vulnerabilities by providing insight into the type and quantity of assets affected.

Assessment

In addition to discovering and cataloging your assets, the VMP must do something even more important: assess them for vulnerabilities. Comprehensive assessments will not only seek out vulnerabilities, but should also identify any issues with regard to the organizational, regulatory, or legal compliance requirements that your systems are subject to.

Reporting

Your VMP should be able to generate detailed reports based on these vulnerability assessments and deliver these reports to all appropriate stakeholders. These reports must include all relevant data on the current state of your network assets, flagging anything that needs to be addressed.

Prioritization and Remediation

After discovering, organizing, assessing, and documenting your systems’ vulnerabilities, you will need to develop a remediation plan. Your VMP should help you prioritize the most important vulnerabilities to remediate, and schedule and apply corrective measures for, at a minimum, every vulnerability rated critical or high under CVSS.

Verification

After the remediation phase, your VMP should perform an additional vulnerability assessment to verify that every vulnerability you set out to fix has been remediated as intended.
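The capabilities above, traced end to end on a small data set: this Python code is an added example, not Meriplex's tooling, and it flags scanned hosts missing from the inventory, queues critical and high findings by CVSS score, counts affected assets by function, and checks a rescan for findings that remain. The inventory, host names, finding IDs and scores are constructed sample data, and the function names are hypothetical.

```python
from collections import Counter

# Constructed sample inventory: host -> classification (purpose, location).
INVENTORY = {
    "db01":  {"function": "database",    "location": "dc-east"},
    "web01": {"function": "web",         "location": "dc-east"},
    "web02": {"function": "web",         "location": "dc-west"},
    "hr-pc": {"function": "workstation", "location": "office"},
}
# Constructed scanner output: (host, placeholder finding id, CVSS base score).
SCAN = [
    ("web01", "VULN-A", 9.8), ("web02", "VULN-A", 9.8),
    ("db01", "VULN-B", 7.5), ("hr-pc", "VULN-C", 5.3),
    ("printer7", "VULN-D", 8.1),  # host that is not in the inventory
]
# Constructed rescan taken after the remediation window.
RESCAN = [("web02", "VULN-A", 9.8), ("hr-pc", "VULN-C", 5.3),
          ("printer7", "VULN-D", 8.1)]

def severity(score):
    """Map a CVSS v3.x base score to its qualitative rating."""
    for floor, name in ((9.0, "critical"), (7.0, "high"), (4.0, "medium"), (0.1, "low")):
        if score >= floor:
            return name
    return "none"

def unknown_assets(findings, inventory):
    """Discovery gap: hosts the scanner saw that the inventory lacks."""
    return sorted({host for host, _, _ in findings if host not in inventory})

def remediation_queue(findings):
    """Prioritization: critical and high findings, highest score first."""
    urgent = [f for f in findings if severity(f[2]) in ("critical", "high")]
    return sorted(urgent, key=lambda f: (-f[2], f[0], f[1]))

def affected_by_function(queue, inventory):
    """Asset organization: number of affected hosts per asset function."""
    hosts = {host for host, _, _ in queue}
    return Counter(inventory.get(h, {}).get("function", "unclassified") for h in hosts)

def verify(queue, rescan):
    """Verification: queued findings that the rescan still reports."""
    still_open = {(host, vuln) for host, vuln, _ in rescan}
    return [(h, v) for h, v, _ in queue if (h, v) in still_open]

if __name__ == "__main__":
    queue = remediation_queue(SCAN)
    print("unknown assets:", unknown_assets(SCAN, INVENTORY))
    print("affected by function:", dict(affected_by_function(queue, INVENTORY)))
    print("still open after remediation:", verify(queue, RESCAN))
```

A non-empty result from `verify` means the remediation cycle is not finished, and any host returned by `unknown_assets` should be added to the inventory and classified before the next scan.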

Meriplex helps you align your information security strategy with your business goals, reducing your cyber risk and ensuring these controls are effective for your organization. Meriplex’s vulnerability management program identifies, prioritizes, and remediates vulnerabilities before an attacker exploits them to undermine the confidentiality, integrity, or availability of your enterprise information assets. Leveraging Netrality’s interconnected colocation data centers and direct cloud on-ramps, Meriplex ensures the highest performing and most cost-effective solutions for its customers.

Stay tuned for future installments in our 4-part cyber-security blog series on Network Access Controls, Cloud Security, and NextGen AntiVirus.

About The Author

Andres Ruz, Director of Information Security
Andres has over 20 years’ experience in IT and Information Security and leads the Product Security team at Meriplex. He has an MBA in MIS, a Bachelor’s in computer science and six certificates in Information Technology Management and Security. He is also the Sector Chief for the Telecommunications Cross Sector Council (CSC) of the InfraGard with the FBI.