Milestone one

International Organization for Standardization (2005) defines vulnerability as a weakness of an asset or group of assets that can be exploited by one or more threats.Vulnerability management is defining IT vulnerabilities and evaluating the risks associated with those vulnerabilities. This assessment contributes to the correction of vulnerabilities and the elimination from management of a formal risk admission.Vulnerability management is a vulnerability scanning process that often takes other factors into account, such as risk acceptance and remediation. The network vulnerability evaluation in an enterprise is not simply a review and evaluate of the machine or the networking tools that are used in the project but is also a potential source for network attacks on devices and sources connected to the network, such as printer and Internet link resources.

The Vulnerability Management Life Cycle aims at enabling organizations to recognize security deficiencies in their computing systems as well as to establish a plan to avoid potential harm to these vulnerabilities; to discover, prioritize assets; to evaluate, report and fix the deficiencies, and to check that they have been eradicated. Following are the steps in the life cycle of vulnerability management:

Don't use plagiarized sources. Get Your Custom Essay on
Milestone one
Just from $13/Page
Order Essay

Discover: The initial stage of the vulnerability management process, where all assets in the network are described, and host data are identified, including operating system information and open services. This means creating a network baseline and finding on a daily automated schedule security vulnerabilities. Compile all the assets that you need to evaluate, assess their value, and who can access them. Work to maintain an inventory that is regularly updated so that you can have a map of the vulnerabilities in your network.

Prioritize assets: Categorize assets by classes or business organizations and provide asset classes with business value based on their criticality. It can seem difficult to handle the numerous vulnerabilities every day to prioritize the biggest threats and fix them all first, making them all so essential.

Assess: Evaluate a risk profile such that threats can be minimized based on the criticality of the asset, vulnerability hazard, and asset classification. The next step is to ensure each device is scanned correctly and efficiently once you have collected and prioritized all of your devices and inventory.

Report: Calculate your assets’ business risk level in compliance with your security policies. Document a security plan, track suspect behaviors, and describe identified defects. These reports include guidelines and the best plan for swift and streamlined risk assessment. It should include the step-by-step steps to be taken and guidance to correct the problem. The report aims to substantially reduce the safety risk posed by these vulnerabilities. It should include the step-by-step steps to be taken and guidance to correct the problem. The report aims to substantially reduce the safety risk posed by these vulnerabilities.

Remediate: Prioritize and remedy corporate risk vulnerabilities. Build checks and show improvement. It refers to the steps to reduce the identified vulnerabilities by the impact stage. In this step, the team designs the vulnerability mitigation procedure. Remediation activities include making suggestions, developing an action plan for carrying out suggestions, investigating the root cause, and implementing solutions. This can be achieved by upgrading and making fixes and working changes to stop the hazard. This is replicated with the discovery of new vulnerabilities. In order to recognize and recognize new vulnerabilities that could lead to possible future attacks, the network and its devices need constant monitoring.

Verify: The final move is to check performance by follow-up audits. This move not only ensures the effectiveness of mitigation but also ensures transparency and accountability within your business. The aim is to decrease a company’s attack surface by reducing vulnerabilities and to reduce risks of an attack. It’s difficult to know how to find them yourself, let alone prioritize and remedy a rapidly increasing number of vulnerabilities. Fit the team for the battle to minimize the danger and future threats by investing in a vulnerable management tool and team.

The organizations which consider implementing a Vulnerability and Remediation Management Program must overcome several criticalities. The following are included:

The company needs to spend time understanding the risks and challenges that the company might face as a result that technological problems have not been detected and or delayed. Some hazards that may emerge from technological vulnerabilities, such as harm to reputations and resulting losses of profitability due to violations or accidents publicly disclosed; inability to trade for more extended periods of time, denial of service attacks or breaching the system; and possible data loss due to a violation or failure to manage. The main elements needed to provide the Senior Manager with prompt, precise, and accurate data are detection, qualifying, Quantification, and constructive management of risks related to technological vulnerabilities. This will allow the management to make informed decisions on budgetary spending and allocate funds to support the management of vulnerabilities.

Asset identification. A comprehensive, precise, and up-to-date inventory of all properties is key to an efficient vulnerability and remedial management system. Without a clear visibility of the actual inventory of an organization, the management of asset groups can fail to take into account the overall threat profile of an organization during the life cycle of vulnerability management. A good start point is the discovery scan of all network areas to locate all live devices on those networks, which is used to establish an accurate asset inventory. When all known network ranges and networks have been mapped, assets may be included in an asset registry so that their assets are ultimately available to management. Management needs to run numerous scans to verify the basis of the asset discovery so that devices that could be temporarily turned off for system maintenance or other legitimate business purposes can be detected.

Asset ownership and responsibility. It can be a challenging task to timely fix found vulnerabilities without delegated ownership. In addition to a decentralized remediation management system, this task can be increased. Regardless of the vulnerability, a simple and transparent remediation approach is recommended in order to allow management to first obtain current information, on request, about the remediation status of such open items and also to demonstrate the open faults in the organization. To overcome these issues, it is crucial that management recognize the ownership of structures, facilities, and supporting properties, accept and formally assign them to ensure a clear definition of the responsibility for the recovery of the vulnerability to a certain asset. This means that owners are responsible for remediation and the ongoing vulnerability profile of the land.

Asset criticality.The remediation operation focused solely on the criticality of the vulnerability is a common mistake. The analysis of the sensitivity scoring combined with the criticality of assets would make it possible for the company to correctly prioritize corrective measures. As a critical asset for a team’s work cannot be vital for the overall function of the enterprise, the assessment of an asset at a strategic level must be decided. Management must also determine remedial response times, all of which follow industry-leading standards for practice and which are compatible with the organization’s risk appetite. As soon as possible, where it is safe to solve critical problems identified with critical assets; however, timelines can and do vary among organizations.

Misunderstanding.There is a problem where the company misunderstood what an efficiently controlled vulnerability program entails. Management also believes that after implementing a well-recognized automated vulnerability management solution, they have a robust program in place. Although automated vulnerability management systems provide useful insights into the technological security role of an enterprise, they are of limited use unless well-designed processes and processes are supported. Processes and processes need to be in place to ensure that workers need mindful of their roles and that steps are taken to ensure that the risk and remediation management strategy is organized and repeatable. This ensures the vulnerability resolution has been accepted by senior management in a transparent and efficient manner. They enable businesses to handle activities such as prioritizing problems, prompt remedial vulnerabilities, misidentification, updating asset inventory and distribution of ownership and liability, and incorporating processes and practices to help current vulnerabilities management tools.

Remediation requirements and business objectives.A team or business unit refuses to prioritize the remedy of defined problems within a reasonable time span. This method would then make it possible for senior management to make an informed decision on evaluating the value of the patch. A formally specified escalation process is necessary to provide the vulnerability manager an opportunity to express concerns about senior management. The purpose of the escalation process is not to be a finger-pointing exercise but to provide senior management with a summary of the risks and implications that the remediation does not take place in good time.

The organization’s network requires various scanning methods to determine the known threats and vulnerabilities present in the network’s system. They include:

Wireless Scanning. Wireless technology allows one or more devices to communicate in their simplest way without physical links, such as network or cable. They include essential technologies such as wireless keyboards and mice, complex cellular networks, and local wireless networks. Given the continued increase in the number and availability of wireless devices, companies need to test and safeguard their enterprise wireless environments continually. Wireless scans will assist organizations in determining corrective steps to mitigate wireless technologies risks.In order to prepare technical wireless security assessments, the location of a facilities scanning needs to be considered because the physical proximity of a building to the public can increase the risk of wireless threats, the frequency of the link and disconnection of wireless devices to the environment, and typical levels of wireless traffic.

Passive Wireless Scanning. To complete the wireless protection measures already in place, passive scanning should be carried out on a regular basis. If data is not transmitted, malicious users and other devices cannot detect a passive scanning method. This decreases the possibility that people escape detection by the disconnection or deactivation of unauthorized wireless devices. Wireless traffic is transmitted by passive scanning tools inside the tool’s antenna. In most wireless devices, you can find several vital attributes: service set identifier (SSID), system type, channel, media access control (MAC), signal strength, and the number of packets transmitted. This knowledge can be used for the safety evaluation of the wireless environment and the detection of possible fake devices and unauthorized ad hoc networks inside the scanning system. Furthermore, the wireless scan tool should be able to analyze the packets collected to assess whether operational anomalies or risks occur.

Active Wireless Scanning. Companies can surpass passive wireless scanning to perform active scanning. This builds on the information gathered during passive scanning and attempts to connect it to detected devices to perform penetration or vulnerability testing. Instead of aggressively searching these devices, the company should concentrate on detecting and finding possible rogue devices. In conducting penetration tests on their own wireless devices, organizations can use active scanning.

Wireless Device Location Tracking.Once rogue devices are detected and found physically during wireless testing, security staff should be careful to monitor how the rogue device is treated, such as reconfiguration, shutdown, and removal of the device, so that it complies with the organization’s policies. To uninstall the item, security staff should determine, before the confiscation, the activities of the rogue item. This can be achieved by tracking and trying to access the computer.

Bluetooth Scanning. Passive scanning of Bluetooth-enabled wireless devices should be performed to determine the possible presence and operation for organizations who would like to confirm compliance with their Bluetooth safety requirements. When scanning this type of scan, the evaluators should take note of the range limitations. Organizations will want to search only in areas of their installations which the public can access to see if attackers can access devices through Bluetooth. In addition, organizations can search for any Bluetooth infrastructure that they implement, such as access points. If rogue points of access are identified, the company should manage them in compliance with the policies and processes that have been developed.

Vulnerability and risk management are an evolving process that must be adapted continually to the changing threat of cybersecurity environment. The method should, therefore, be checked periodically, and the workers should be updated on current threats and developments. The effectiveness of the organizational vulnerability and risk management program will be assured by the continual growth of people, procedures, and technology. A variety of aspects should be discussed to ensure a robust vulnerability management program. First and foremost, specifically assigned positions and responsibilities. Make sure all stakeholders know what to expect in the company. Pick a technology for vulnerability scanning that meets your organization’s needs. The configuration and the fine-tuning of the vulnerability scanner technology should be given appropriate attention. Finally, it is recommended to restrict the scope of the initial vulnerability scans when beginning with vulnerability management. Initial scans that lead to ten thousands of vulnerabilities are thus prevented. It would be safer to pick only a small set of vulnerabilities or only those listed by the vulnerability scanner tool as “high risk.”

 

 

Homework Writing Bay
Calculator

Calculate the price of your paper

Total price:$26
Our features

We've got everything to become your favourite writing service

Need a better grade?
We've got you covered.

Order your paper