At some point, security becomes all about the math.
Every device you connect to the network becomes another potential security vulnerability. And the more vulnerabilities you have, the harder it is to sort out what to tackle and when.
That’s always been the case. What’s new is how the devices have proliferated over the last several years, in large part because of remote and now hybrid work.
“Think about it: There are, maybe, several hundred thousand potential vulnerabilities on a network,” said Bill Harrod, Chief Technology Officer for the Public Sector at Ivanti, which provides risk-based vulnerability management solutions. “Where do you go first? How do you do the patching to keep up with zero-day attacks and critical security vulnerabilities?”
Map Your Threat Landscape
The first step toward answering that question is to identify those vulnerabilities. It’s not enough to know what devices are on the network. You also need insight into the status of every device: Is it compliant with your security policies? What software does it run, and exactly what components are part of that software? Is that software up to date on its patches? Have security controls been altered? And so on.
The next step is to understand the risk involved. Every misconfigured system, outdated software or missing patch represents a vulnerability. But to what extent is that vulnerability likely to be exploited, and what damage might be done?
That discovery process must be continuous as new devices are connected, the status of existing devices changes (e.g., new patches must be applied or software must be updated) and new threats emerge.
Change the Equation
Back in the days when networks had a relatively stable number of devices, the security team tended to keep tabs on vulnerabilities using a spreadsheet. But with the proliferation of connected devices, “trying to manage it with a spreadsheet is just a losing proposition,” Harrod said.
Here are three areas in which automation can change the equation:
- Identifying and assessing devices and other IT assets in real time, including all hardware and software on premises, in the cloud and at the edge
- Correlating that inventory with threat intelligence and other security data to prioritize remediation efforts
- Testing, deploying and validating patches, and ensuring that patch deployments have minimal impact on your employees and system workloads
Keep the Employee in Mind
If security had one objective — to protect systems and data — you could just lock users out of the network and call it a day. But the real goal, said Harrod, is to “make it as easy as possible for people to do their jobs and be secure at the same time.”
In fact, he said, a 2022 survey by Ivanti found that 40% of respondents would consider changing jobs if they couldn’t access the tools they need, such as a mobile device.
Ivanti provides risk-based vulnerability management and related tools that enable organizations to provide that user experience without compromising security, Harrod said.
This article appeared in our guide, “A New Cyber Game Plan Takes Shape.” To see the rest of “Mapping the Cyber Threat Landscape” and learn more about how respond to — and head off — the latest threats, download the guide:
Leave a Reply
You must be logged in to post a comment.