Strategies to protect against network security vulnerabilities
Computerworld - The reality we must face is that Internet security vulnerabilities are never going away. Every year the number of identified vulnerabilities increases at an alarming rate.
Last year, the CERT Coordination Center at Carnegie Mellon University in Pittsburgh reported 4,129 vulnerabilities, compared with 1,090 in the year 2000. That's an increase of 378% in only two years.
CERT also reported that more than 95% of intrusions result from the exploitation of known vulnerabilities or configuration errors where countermeasures were available. The hackers who exploit these vulnerabilities are continually getting more sophisticated. Add to that the heightened threat of terrorist activity and the looming fear of what organizations have to lose, and you have daunting security challenges.
How can overwhelmed administrators who are already short on resources prepare and execute the tactics of a vulnerability defense strategy? And can those defense preparations wait? These questions, among others, haunt security administrators who understand the severe damage and information loss that can result from an exploited vulnerability.
Administrators must take a proactive approach to resolving vulnerabilities. If recent history of cyberattacks has taught us anything, it's that you can't protect yourself after the attack has started.
The best practices of vulnerability remediation outlined below are crucial to helping administrators assess their current risk, take steps to prepare their vulnerability defense with minimal interruption to current processes and lay the groundwork to proactively address future vulnerabilities (with their current IT staff) before they are exploited.
Step 1: Identification/Discovery of Systems
This initial step gives you, as security administrators, a clear view of the network through the use of an assessment tool or network mapping software that can scan all networks (and subnetworks) to determine used TCP/IP addresses and the associated devices connected to them.
Once all devices are identified, you can determine which systems are most critical to protect and then put them in order of priority.
Step 2: Vulnerability Assessment
Vulnerability assessment tools or scanners are used to identify vulnerabilities within the network. The vulnerabilities identified by most of these tools extend beyond software defects (which are fixed by patching) to include other easily exploitable vulnerabilities, such as unsecured accounts, misconfigurations and even back doors. There are several types of assessment tools available.
Although these tools have general similarities, they can vary in the methods and processes they employ to identify vulnerabilities. As a best practice, you shouldn't rely on a single assessment tool but should use different tools to gain a broader perspective of their exposure to vulnerabilities. Open-source or shareware assessment tools are available online and can be used to supplement commercial scanners.
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!