Chuck Leaver – You Must Take Care Of Vulnerability Lifecycle Management

Written By Dr Al Hartmann And Presented By Chuck Leaver

The following headline hit the news recently, on September 7, 2017:

Equifax Inc. today revealed a cyber security incident possibly impacting approximately 143 million U.S. customers. Bad guys made use of a U.S. website application vulnerability to gain access to certain files. Based upon the business’s examination, the unauthorized access happened from mid-May through July 2017.

Lessons from Past Debacles

If you like your career, value your role, and wish to keep it, then do not leave the door open to attackers. A major data breach often begins with an unpatched vulnerability that is easily exploitable. Then the inevitable happens: the attackers are inside your defenses, the crown jewels have left the building, the press releases fly, expensive consultants and outside legal counsel rack up billable hours, regulators descend, lawsuits are filed, and you have “some major ‘splainin’ to do”!

We are unsure whether the head ‘splainer in the current Equifax debacle will survive, as he is still in ‘splainin’ mode, asserting that the intrusion started with the exploitation of an application vulnerability.

In such cases the usual rhumba line of resignations is: CISO first, followed by CIO, followed by CEO, followed by a shakeup of the board of directors (specifically the audit and corporate duty committees). Do not let this happen to your career!

Steps to Take Immediately

There are some common-sense steps to take to prevent the otherwise inevitable breach catastrophe resulting from unpatched vulnerabilities:

Take inventory – Inventory all system and data assets, and map your network topology, connected devices, and open ports. Know your network, its segmentation, what devices are connected, exactly what those devices are running, what vulnerabilities those systems and apps expose, what data assets they access, the sensitivity of those assets, what defenses are layered around those assets, and what checks are in place along all possible access paths.

Simplify and harden – Implement best-practice recommendations for identity and access management, network segmentation, firewall and IDS configurations, operating system and application configurations, database access controls, and data encryption and tokenization, while simplifying and cutting the number and complexity of subsystems across your enterprise. Anything too complex to manage is too complex to secure. Choose configuration hardening heaven over breach response hell.

Continuously monitor and scrutinize – Periodic audits are necessary but insufficient. Continuously monitor, track, and evaluate all relevant security events and exposed vulnerabilities – create visibility, event capture, analysis, and archiving of every system and session login, every application launch, every active binary and vulnerability exposure, every script execution, every command issued, every network contact, every database transaction, and every sensitive data access. Any holes in your security event visibility create an attacker free-fire zone. Develop key performance metrics, track them ruthlessly, and drive for relentless improvement.

Do not accept operational excuses for inadequate security – There are always secure and effective operational policies, but they may not be painless. Not suffering a catastrophic data breach is far lower on the organizational pain scale than the alternative. Operational expedience, legacy operations, or misaligned priorities are not valid excuses for poor cyber practices in an escalating threat environment. Make your voice heard.
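One way to connect the inventory and metrics steps above, as an added example that is not part of the original post: join an asset inventory against published fixes, rank unpatched exposures by age, data sensitivity and internet reachability, and compute the numbers to track over time. All hosts, packages, finding IDs, dates and SLA values are constructed assumptions.

```python
from datetime import date

# Constructed sample inventory: every host, package and version is made up.
ASSETS = {
    "web-portal":    {"internet_facing": True,  "sensitivity": 3, "software": {"appfw": "2.3.1"}},
    "intranet-wiki": {"internet_facing": False, "sensitivity": 2, "software": {"dbms": "11.2"}},
    "build-01":      {"internet_facing": False, "sensitivity": 1, "software": {"appfw": "2.3.1"}},
    "kiosk-07":      {"internet_facing": True,  "sensitivity": 1, "software": {"browser": "60.0"}},
}
# Constructed advisories: (placeholder id, package, affected version, date the fix shipped)
ADVISORIES = [
    ("VULN-A", "appfw", "2.3.1", date(2017, 4, 10)),
    ("VULN-B", "dbms", "11.2", date(2017, 8, 20)),
]
SLA_DAYS = {3: 7, 2: 30, 1: 90}  # assumed patch SLA (days) per sensitivity tier

def open_exposures(assets, advisories, today):
    """Join inventory with advisories; one row per unpatched asset/finding pair."""
    rows = []
    for host, asset in assets.items():
        for vuln_id, pkg, version, fixed_on in advisories:
            # Simplification: exact version match instead of version ranges.
            if asset["software"].get(pkg) != version:
                continue
            days = (today - fixed_on).days  # how long a fix has been available
            # Weight by data sensitivity; double for internet-reachable hosts.
            score = days * asset["sensitivity"] * (2 if asset["internet_facing"] else 1)
            rows.append({"host": host, "vuln": vuln_id, "days_open": days,
                         "over_sla": days > SLA_DAYS[asset["sensitivity"]],
                         "score": score})
    return sorted(rows, key=lambda r: r["score"], reverse=True)

def metrics(rows):
    """Key performance metrics to record on every run and trend over time."""
    n = len(rows)
    mean = round(sum(r["days_open"] for r in rows) / n, 1) if n else 0.0
    return {"open": n, "over_sla": sum(r["over_sla"] for r in rows),
            "mean_days_open": mean}

if __name__ == "__main__":
    exposures = open_exposures(ASSETS, ADVISORIES, date(2017, 9, 7))
    for row in exposures:
        print(row)
    print(metrics(exposures))
```
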

~leaverchuck1

