8 Elements of Complete Vulnerability Management - Slide 5

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next 8 Elements of Complete Vulnerability Management-5 Next

With attackers stepping up the frequency of their external scans, organizations need to test more frequently for vulnerabilities than they have in the past. Historically, organizations would run external vulnerability assessments either quarterly or annually. With the rate at which new vulnerabilities are discovered and how quickly hackers use them against targets, a 3- to 12-month period between tests is far too long. It is recommended that vulnerability scans be run weekly for optimum security, and monthly for at least best practice. Organizations should be allowed to purchase VA services that offer unlimited scanning ability for the optimal security. Otherwise, you run the risk of spending more money than the benefit the service will provide. Internal scans can be run less frequently than external scans. Optimal security suggests monthly and best practices would be quarterly.

Today’s threat landscape offers attackers a much larger selection of attack points in the form of open firewall ports for business traffic, Web or other servers behind the firewall, along with all applications running internally on the network, including PCs and servers. This gives the bad guys a wealth of attack methods to find vulnerabilities in your network. Attackers even have applications that take all the difficulty out of hacking into your network. These programs can be used to run high-speed automated attacks that were unthinkable a few years ago.

External threats are now the minority attack method. Attacks targeting internal systems are more lucrative financially and more effective than external attacks. Spam, phishing, social engineering, malware, Trojans, portable media devices, and other methods are commonly used to compromise systems while completely subverting traditional security solutions such as firewalls, intrusion detection systems, and even previous external vulnerability scans.

Bottom line: It is easy to be a hacker, and hard to stay ahead of them. One silver lining is that many of these attack methods rely on the system being vulnerable in some way. A lot of attacks are looking for weaknesses or misconfigurations in browser and Web applications. Malicious websites, whether used in conjunction with spam, phishing, search engine manipulation or any of several other attack types, often require a vulnerable system in order for the hackers to be successful. Identifying and remediating these vulnerabilities becomes one of the methods we can use to stay ahead of criminals.

Here, Perimeter Chief Architect Kevin Prince offers up eight steps you should take to protect your organization.

You can check out other slideshows from Perimeter: Data Breach Trends of 2009, Tracking Data Breaches by Incident, and Top Security Threats for 2010.

Related Topics : Cyber Crime, Fiber-to-the-Premises, Infrastructure Concerns, Service Level Agreements, Telecommuting

More Slideshows

blockchain The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ...  More >>

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.