{' '} {' '}
Limited time offer
SAVE % on your upgrade.

Page 46

Advertising feature

TURNING WEAKNESSES INTO

STRENGTHS The growing threat of security and data breaches continues to put IT teams under pressure. However, embracing a Vulnerability Management System (VMS), alongside a robust patching operation, can not only offset risk, but also demonstrate the strength of an organisation, says C5 Alliance Security Consultant Peter Lescop

2020, A NEW decade with old problems. News headlines have been highlighting more weaknesses within IT systems around the world. Cyber criminals held the currency giant Travelex to ransom, leading to staff having to use pen and paper and preventing transactions at banks and supermarkets. The British government apologised after a data breach in which a user accidentally published the addresses of more than 1,000 New Year Honours recipients online. There have also been claims that the crown prince of Saudi Arabia hacked Amazon boss Jeff Bezos’ phone. Measures are in place to protect and prevent major incidents like these from striking at the heart of organisations. Regulatory and compliance frameworks – such as the UK government’s Cyber Essentials and the Payment Card Industry Data Security Standard – require organisations to ensure that they frequently carry out tasks such as scanning, reporting and remediation of their IT systems. Businesses must ensure that their organisational security meets compliance requirements, contractual obligations and risk management standards. However, even some of the most trusted IT organisations aren’t immune. A recent patch release from Microsoft was unusually accompanied by a public warning from the US National Security Agency, to fix a flaw found within the Microsoft Windows cryptographic service. IT and security teams are being stretched to implement and run an effective patching cycle to

46 February/March 2020

keep up with these regular patch releases. Plus, they may also have to adhere to cybersecurity frameworks such as Cyber Essentials, which has a strict requirement for operating systems, firmware and application patching to be implemented within 14 days of a vendor releasing a fix for a high-risk or critical security vulnerability. This can be very challenging for many organisations’ security teams. Microsoft can simplify the process with

Our vulnerability management and patching services provide flexibility to create a scanning and remediation program to fit an organisation’s needs

operating system patching to an extent, but what about non-Microsoft products, applications, network switches, printers or firewalls? Even if a team manages to patch all of its products within the 14-day deadline, how can it be certain the patches have all been applied successfully? This is where the implementation of a Vulnerability Management System (VMS), alongside a robust patching operation, can help. A VMS provides the ability to scan and report vulnerabilities across a large array of endpoints – such as end-user devices, printers, telephony systems and network infrastructure. These vulnerabilities can range from standard operating system security patches to legacy configurations. Implementing a VMS means your teams no longer need to rely on reading security blogs to know what and when to patch. It allows them to prioritise patching based on vulnerabilities that are being actively exploited. You can leverage the research and analytics of your chosen VMS partner to fulfil this while your teams can dedicate their time to the more important task of patching. Once a VMS is in place, you need an effective way to respond and remediate any vulnerabilities. Most vulnerability management systems provide several means of achieving this, such as: ● Providing risk scoring profiles per vulnerability ● Creating tracked projects to resolve groups of vulnerabilities ● Combining your VMS with patching

www.blglobal.co.uk

Profile for BL Magazine

BL Magazine Issue 66 February/March 2020  

What risks and challenges will businesses face in 2020 and beyond? Is ‘Japanisation’ really a thing and how is it impacting the rest of the...

BL Magazine Issue 66 February/March 2020  

What risks and challenges will businesses face in 2020 and beyond? Is ‘Japanisation’ really a thing and how is it impacting the rest of the...