LATEST INTELLIGENCE

A decade ago , most enterprises could get away with addressing vulnerabilities in silos . One team would scan servers and desktop computers on the enterprise network , looking for misconfigurations in systems and vulnerabilities in commercial software applications . When problems were discovered , they were thrown over the wall for system administrators and operations groups to fix . Application developers were responsible for policing internally developed web applications . Other specialists worried about the susceptibility of employees to social engineering attacks . Rarely was anyone responsible for analyzing how different types of vulnerabilities might interact to expose critical data and intellectual property .

That vision of vulnerability management is too inefficient and expensive for today ’ s enterprise . Computing environments are far more complex . IT and security groups must monitor a much larger attack surface . Infrastructures and web applications can change on a daily , even hourly basis . Cybercriminals and hackers have learned how to exploit chains of weaknesses in systems , applications , and people . Traditional vulnerability management tools and practices are too limited , too siloed , and too slow to keep up with these challenges .

Toward a modern vulnerability risk management program

Security organizations must rethink their vulnerability management programs . They need to monitor complex , dynamic computing environments , and respond in minutes or hours when issues are discovered – not days or weeks . They need to address weaknesses in people as well as technology . Also , security professionals must be able to think like attackers in order to understand which vulnerabilities pose the greatest risks to the enterprise . p

PRESENTED BY

Download whitepapers free from www . intelligentcio . com / me / whitepapers /

www . intelligentcio . com INTELLIGENTCIO MIDDLE EAST 21