Strategies to protect against network security vulnerabilities
Computerworld - The reality we must face is that Internet security vulnerabilities are never going away. Every year the number of identified vulnerabilities increases at an alarming rate.
Last year, the CERT Coordination Center at Carnegie Mellon University in Pittsburgh reported 4,129 vulnerabilities, compared with 1,090 in the year 2000. That's an increase of 378% in only two years.
CERT also reported that more than 95% of intrusions result from the exploitation of known vulnerabilities or configuration errors where countermeasures were available. The hackers who exploit these vulnerabilities are continually getting more sophisticated. Add to that the heightened threat of terrorist activity and the looming fear of what organizations have to lose, and you have daunting security challenges.
How can overwhelmed administrators who are already short on resources prepare and execute the tactics of a vulnerability defense strategy? And can those defense preparations wait? These questions, among others, haunt security administrators who understand the severe damage and information loss that can result from an exploited vulnerability.
Administrators must take a proactive approach to resolving vulnerabilities. If recent history of cyberattacks has taught us anything, it's that you can't protect yourself after the attack has started.
The best practices of vulnerability remediation outlined below are crucial to helping administrators assess their current risk, take steps to prepare their vulnerability defense with minimal interruption to current processes and lay the groundwork to proactively address future vulnerabilities (with their current IT staff) before they are exploited.
Step 1: Identification/Discovery of Systems
This initial step gives you, as security administrators, a clear view of the network through the use of an assessment tool or network mapping software that can scan all networks (and subnetworks) to determine used TCP/IP addresses and the associated devices connected to them.
Once all devices are identified, you can determine which systems are most critical to protect and then put them in order of priority.
Step 2: Vulnerability Assessment
Vulnerability assessment tools or scanners are used to identify vulnerabilities within the network. The vulnerabilities identified by most of these tools extend beyond software defects (which are fixed by patching) to include other easily exploitable vulnerabilities, such as unsecured accounts, misconfigurations and even back doors. There are several types of assessment tools available.
Although these tools have general similarities, they can vary in the methods and processes they employ to identify vulnerabilities. As a best practice, you shouldn't rely on a single assessment tool but should use different tools to gain a broader perspective of their exposure to vulnerabilities. Open-source or shareware assessment tools are available online and can be used to supplement commercial scanners.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts