Strategies to protect against network security vulnerabilities
Computerworld - The reality we must face is that Internet security vulnerabilities are never going away. Every year the number of identified vulnerabilities increases at an alarming rate.
Last year, the CERT Coordination Center at Carnegie Mellon University in Pittsburgh reported 4,129 vulnerabilities, compared with 1,090 in the year 2000. That's an increase of 378% in only two years.
CERT also reported that more than 95% of intrusions result from the exploitation of known vulnerabilities or configuration errors where countermeasures were available. The hackers who exploit these vulnerabilities are continually getting more sophisticated. Add to that the heightened threat of terrorist activity and the looming fear of what organizations have to lose, and you have daunting security challenges.
How can overwhelmed administrators who are already short on resources prepare and execute the tactics of a vulnerability defense strategy? And can those defense preparations wait? These questions, among others, haunt security administrators who understand the severe damage and information loss that can result from an exploited vulnerability.
Administrators must take a proactive approach to resolving vulnerabilities. If recent history of cyberattacks has taught us anything, it's that you can't protect yourself after the attack has started.
The best practices of vulnerability remediation outlined below are crucial to helping administrators assess their current risk, take steps to prepare their vulnerability defense with minimal interruption to current processes and lay the groundwork to proactively address future vulnerabilities (with their current IT staff) before they are exploited.
Step 1: Identification/Discovery of Systems
This initial step gives you, as security administrators, a clear view of the network through the use of an assessment tool or network mapping software that can scan all networks (and subnetworks) to determine used TCP/IP addresses and the associated devices connected to them.
Once all devices are identified, you can determine which systems are most critical to protect and then put them in order of priority.
Step 2: Vulnerability Assessment
Vulnerability assessment tools or scanners are used to identify vulnerabilities within the network. The vulnerabilities identified by most of these tools extend beyond software defects (which are fixed by patching) to include other easily exploitable vulnerabilities, such as unsecured accounts, misconfigurations and even back doors. There are several types of assessment tools available.
Although these tools have general similarities, they can vary in the methods and processes they employ to identify vulnerabilities. As a best practice, you shouldn't rely on a single assessment tool but should use different tools to gain a broader perspective of their exposure to vulnerabilities. Open-source or shareware assessment tools are available online and can be used to supplement commercial scanners.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts