Vulnerability Management System

Background

Vulnerability management is a continuous, proactive, and automated process that is used to find and patch potential vulnerabilities in a system, and thus helps in keeping the system safe from any potential cyber-attacks and data breaches and have systems in place to minimize damage if an attack does take place.

Vulnerability Management System Process

❖ The first step is asset discovery. Taking inventory of every single asset an organization uses must be done. A security program should then be used to regularly identify vulnerabilities on an automated schedule.

❖ These different assets must then be checked to see which of these are critical to business continuity, and as such given values in a priority list.

❖ A risk profile must then be created of every asset and its risks documented. Depending on factors such as the risk and criticality levels, action must be planned accordingly.

❖ The information found should then be conveyed to management concisely, with the possible remediation processes mentioned.

❖ Remediation of the vulnerabilities should then be done, with resources allocated accordingly, starting with the issues that present the greatest risk.

❖ Once resolved, regular audits must take place alongside standard verification processes to ensure that the risks are taken care of.

Necessity

❖ A security breach interrupts business processes, and lower potential profit margins

❖ Due to the centralized, accurate and real time reporting provided by Vulnerability Management system IT personnel would have an up-to-date level of visibility over the entire system

❖ It can help improve compliance with security regulations in a more streamlined process.

Cases

❖ The WannaCry ransomware attack. A worm that encrypted the data of more than 200,000 computers and held that data for ransom causing an estimated 4 Billion dollars overall loss. ❖ A data breach on InterContinental Hotels which took down the booking systems of all hotels under this company, ceasing all internal communication