Peter Lescop, our Security Consultant, has written an article about harnessing the power of an automated vulnerability management system for BL Global.
2020, a new decade with old problems. News headlines have been highlighting more weaknesses within IT systems around the world. Cyber criminals held the currency giant Travelex to ransom, leading to staff having to use pen and paper and preventing transactions at banks and supermarkets. The British government apologised after a data breach, where a user accidentally published addresses of more than 1,000 New Year Honour recipients online. There have also been claims that the crown prince of Saudi Arabia hacked Amazon boss Jeff Bezos’ phone.
Measures are in place to protect and prevent major incidents like these from striking at the heart of organisations. Regulatory and compliance frameworks, such as the UK government’s Cyber Essentials and the Payment Card Industry Data Security Standard, require organisations to ensure that they frequently carry out tasks such as scanning, reporting and remediation of their IT systems. Businesses must ensure that their organisational security meets compliance requirements, contractual obligations and risk management standards.
However, even some of the most trusted IT organisations aren’t immune. A recent patch release from Microsoft was unusually accompanied by a public warning from the U.S National Security Agency, to fix a flaw found within the Microsoft Windows cryptographic service. IT and Security teams are being stretched to implement and run an effective patching cycle to keep up with these regular patch releases. Plus, they may also have to adhere to cybersecurity frameworks such as Cyber Essentials, which has a strict requirement for operating systems, firmware and application patching to be implemented within 14 days of a vendor releasing a fix for a high-risk or critical security vulnerability.
This can be very challenging for many organisations’ security teams. Microsoft can simplify the process with operating system patching to an extent, but what about non-Microsoft products, applications, network switches, printers or firewalls? Even if a team manages to patch all of its products within the 14-day deadline, how can it be certain the patches have all been applied successfully?
This is where the implementation of a Vulnerability Management System (VMS), alongside a robust patching operation, can help. A VMS provides the ability to scan and report vulnerabilities across a large array of endpoints such as end-user devices, printers, telephony systems and network infrastructure. These vulnerabilities can range from standard operating system security patches to legacy configurations. Implementing a VMS means your teams no longer must rely on reading security blogs to know what and when to patch. It allows them to then prioritise patching based on vulnerabilities that are being actively exploited. You can leverage the research and analytics of your chosen VMS partner to fulfil this while your teams can dedicate their time to the more important task of patching.
Once a VMS is in place, you need an effective way to respond and remediate any vulnerabilities. Most vulnerability management systems provide several means of achieving this, such as:
- Providing risk scoring profiles per vulnerability
- Creating tracked projects to resolve groups of vulnerabilities
- Combining your VMS with patching products, such as Microsoft’s System Centre Configuration Manager (SCCM), to automate your VMS and patching cycle. Once a vulnerability has been found by your VMS, you can automate the process to send a request to patch directly to the SCCM, saving time and effort.
C5 Vulnerability Management Service
Our vulnerability management and patching services provide flexibility to create a scanning and remediation program specifically designed to fit an organisation’s requirements. You can choose various service levels to meet your business needs and current in-house capabilities.
The services are delivered by our Managed Services team using ‘best of breed’ platforms, which correlate live scan data against monitoring data for advanced threat correlation and profiling. The service provides:
- Vulnerability assessments
- Reporting and management services to businesses utilising a market leading vulnerability management platform.
- The ability to identify, classify, prioritise and report on vulnerabilities that exist on networks, systems, endpoints and applications.
The outcome for your business is reduced risk and enhanced legal and regulatory compliance with active monitoring and detailed compliance reporting for regulatory and industry frameworks. This protects your organisation’s data and systems 24/7, with an active and robust vulnerability management service.
By harnessing the power of an automated vulnerability management system, organisations can ensure they are benefiting from the security of leading-edge protection.