RubinBrown Cyber Security Center of Excellence – Security You Need to Know
New vulnerabilities are identified every day. Most of us have workstations set to auto-update, servers and applications are handled by the systems administrators, but there are more and more products, devices and applications in our environments. How do you track the patches and updates for all those manufacturers and providers?
You can set up alerts from the manufacturer about vulnerabilities, but as an organization grows, the number of devices keeps growing and keeping up with individual alerts can become a confusing mess. Ignoring it is not an option, recent breach reports suggest more than 90% of data breaches were from vulnerabilities published at least a year earlier and half of the breaches were caused by vulnerabilities identified more than seven years ago.
We can use Vulnerability Management to help identify patches that were missed, skipped or overlooked. Vulnerability management is the consistent, periodic assessment of vulnerabilities in an environment, across all aspects of the environment. Networks, devices, systems and applications need to be considered in the process that include regular vulnerability scanning, detailed testing and penetration testing. Performing vulnerability management on a regular schedule helps identify potential issues, reduces the risk of a data breach and keeps names out of the papers.
Get started by doing initial external and internal vulnerability scans, combine the results with your IT risk assessment to determine the appropriate frequency and scope of the ongoing vulnerability management effort.
If you have questions or need assistance, please contact your RubinBrown advisor or any of RubinBrown’s Cyber Security professionals.
Any federal tax advice contained in this communication (including any attachments): (i) is intended for your use only; (ii) is based on the accuracy and completeness of the facts you have provided us; and (iii) may not be relied upon to avoid penalties.
All Business Advisory News Cyber Security Overview