Cybersecurity Assessment and Vulnerability Management
Weekly newscasts all too often highlight the perils of the unprepared—those who learn the hard way that cyberattacks are a matter of when they happen, not if they happen.
The cybersecurity professionals at ALLENDEVAUX team with your enterprise to protect the business and its information assets. Employing a global mindset with a landscape that covers everything from mobile technology to cloud computing, the outcome is a cybersecurity strategy that measures current strength and weakness and identifies gaps that should be addressed to mitigate vulnerabilities. Whether it’s an augmentation of an existing program or the implementation of a standard such as ISO/IEC 27032 for cybersecurity, ALLENDEVAUX works with the enterprise to advise, measure, design, and implement best practices.
How We Can Help
Two main objectives are recommended in relation to cybersecurity best practices. First, an enterprise should consider a third-party attestation of its overall cybersecurity posture: a cybersecurity assessment that results in a formalized report of findings, scoring the current technical environment in terms of its strengths and weaknesses. Second, ALLENDEVAUX can help an enterprise design and implement recurrent vulnerability scans to identify findings, score vulnerabilities, report and prioritise issues, generate prescriptive actions, and practice incident mitigation. This is performed by ALLENDEVAUX’s Security Network Operations Center (SNOC).
Phase One: Cybersecurity Assessment
In phase one, the successful completion of a baseline cybersecurity assessment results in an updated information asset registry, a vulnerability scan of defined assets, and scoring of vulnerabilities discovered by severity level, along with definitions of the vulnerabilities found. This information is useful for step 1D, penetration testing, which simulates attacks that might be made by malicious hackers.
Phase Two: Recurring Vulnerability Management Programme
Phase two begins after the formalized report has been written and delivered, and repeats monthly per best practices. The lifecycle fully repeats and, as shown here, contains these components:
2A: Scan for vulnerabilities, always using an updated database from national entities such as NIST.
2B: Score findings, using a severity matrix of five metrics.
2C: Report findings, creating a dashboard that indicates vulnerability name, severity rating, the threat potential, and the possible exploit.
2D: Generate a prescriptive action plan, providing specificity regarding the patching or remediation necessary to mitigate the threat.
2E: Practice incident mitigation, prioritizing the actions to be taken, and opening tickets for severity 5, 4, and 3 issues, providing a tracking venue for relevant findings.
Why Vulnerability Management
Gartner Group recommends an enterprise establish and practice a monthly model to discover and remediate vulnerabilities that would otherwise accumulate (Chuvakin & Barros, 2015). Qualys recommends an enterprise establish a systematic model to regularly scan its information assets (Qualys, 2016). The Centre for Internet Security as reported by Tripwire recommends monthly scanning as a minimum baseline (Khimji, 2016).
Overall, regular scanning is recommended by security professionals; whilst most companies do not currently observe this practice, they desire to follow these best practices. Further, when a vulnerability is first disclosed, it may have a lower vulnerability score because there is no known exploit. But as time passes, exploits often become available, further underscoring the need for regular vulnerability management.
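The monthly cycle above (steps 2B, 2C and 2E) and the point that a finding's score rises once an exploit becomes available can be modelled in a few lines. This is an added illustration, not ALLENDEVAUX's tooling: the five metric names, their 0 to 2 rating scale and the 1 to 5 severity mapping are assumptions, since the page only states that a five-metric matrix is used and that severity 5, 4 and 3 findings get tickets; the findings are constructed sample data.

```python
"""Monthly vulnerability-management cycle (2B score, 2C report, 2E ticket).

Illustrative model only. The five metrics below, their 0-2 ratings and the
1-5 severity scale are assumptions; the page defines none of them."""
from dataclasses import dataclass

# Assumed five metrics of the severity matrix, each rated 0, 1 or 2.
METRICS = ("exposure", "impact", "ease", "exploit_known", "asset_value")


@dataclass
class Finding:
    name: str
    asset: str
    metrics: dict          # metric name -> 0, 1 or 2
    exploit: str = "none known"

    def severity(self) -> int:
        """2B: collapse the five metrics (0..10 total) into severity 1..5."""
        total = sum(self.metrics[m] for m in METRICS)
        return max(1, min(5, (total + 1) // 2))


def threat_potential(sev: int) -> str:
    return "high" if sev >= 4 else "moderate" if sev == 3 else "low"


def dashboard(findings):
    """2C: one row per finding: name, severity, threat potential, exploit."""
    return [(f.name, f.severity(), threat_potential(f.severity()), f.exploit)
            for f in findings]


def open_tickets(findings):
    """2E: tickets only for severity 5, 4 and 3, highest severity first."""
    actionable = sorted((f for f in findings if f.severity() >= 3),
                        key=lambda f: f.severity(), reverse=True)
    return [f"sev{f.severity()} {f.asset}: remediate {f.name}" for f in actionable]


def exploit_published(finding: Finding, reference: str) -> int:
    """Next month's cycle: an exploit is now known, so re-score the flaw."""
    finding.metrics["exploit_known"] = 2
    finding.exploit = reference
    return finding.severity()


# Constructed sample findings (not real scan output).
SAMPLE = [
    Finding("outdated TLS configuration", "web-portal",
            dict(exposure=2, impact=1, ease=1, exploit_known=0, asset_value=2)),
    Finding("missing OS security update", "workstation-17",
            dict(exposure=0, impact=2, ease=1, exploit_known=0, asset_value=1)),
    Finding("default credentials on admin interface", "nas-01",
            dict(exposure=2, impact=2, ease=2, exploit_known=2, asset_value=2)),
]
```

Running `open_tickets(SAMPLE)` yields tickets for the severity 5 and 3 items only; after `exploit_published` on the workstation finding it climbs from severity 2 to 3 and enters the next month's ticket queue.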
Chuvakin, A., & Barros, A. (2015, November 17). How to Implement Enterprise Vulnerability Assessment. Gartner. Retrieved February 1, 2017, from https://www.gartner.com/doc/3169219
Khimji, I. (2016, January 10). Vulnerability Management Program Best Practices -- Part 1. Tripwire. Retrieved February 1, 2017, from https://www.tripwire.com/state-of-security/vulnerability-management/vulnerability-management-program-best-practices-part-1/
Qualys. (2016, February 4). Best Practices for Scanning. Qualys Community. Retrieved February 1, 2017, from https://community.qualys.com/docs/DOC-3814