This week I attended the Privacy & Security Conference at Thompson Rivers University in Kamloops. Kudos to TRU for an excellent day jam packed with good presentations.
One of the presenters from a large institution talked about their experience managing their way through a successful ransomware attack that disabled several critical applications and the effort required to pick up the pieces and move forward afterwards. The speaker was compelling, but two points jumped out to me during the session.
First was the mention that the ransomware infected their IT systems through a vulnerability. Second was the point that in the mopping up phase one of the follow up actions was the establishment of a comprehensive vulnerability management program. I found myself wondering if the two were connected.
Simply put, a decent vulnerability management program scans an environment for known vulnerabilities, provides actionable information on the riskiest vulnerabilities to the right people responsible for remediation (often but not always through patching), workflow features to enable remediation and reporting to management and business stakeholders on trends over time for high risk vulnerabilities and remediation efficiency.
In our experience at Credo Trust, too many organizations take a tick-the-box approach to the scanning part and ignore the effectiveness and efficiency of remediation, if indeed it’s done at all. It’s just like a farmer knowing that the cows are in a field where the gate to the road is open, and not doing anything about it.
The vulnerabilities picked up by a scanner are the easiest points of attack. They need to be fixed. We have to continue to educate stakeholders that this may not be as bleeding edge as using an AI engine to analyze possible hostile traffic, but it’s foundational and important in any decent IT security program. If you’re interested in learning more check out our website at www.credovm.com amongst other sources.
Credo Trust is a member of the Sky Northern Security Alliance specializing in vulnerability management. If you'd like assistance with your vulnerability management program, get in touch via a service request.