Friday, November 11, 2022

How To Prevent Your Network From Cyberattacks

 By Nicholas Ibenu

A vulnerability assessment is a systematic review of security weaknesses in an information system. It evaluates if the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation, if and whenever needed.

According to the 2021 World Economic Forum report on global risks, “Cybersecurity measures in place by businesses, governments and individuals are increasingly being obsolete by the growing sophistication of cybercriminals.” And this is true as businesses continue to keep a blindfold on the importance of security.

A network vulnerability scan, on the other hand, is part of the vulnerability assessment process where the main focus is placed on finding and identifying security vulnerabilities in systems hosted on specific Internet Protocol addresses. A 2022 IBM security report revealed a surge in various cyberattacks between 2020 and 2021. Notably, those caused by exploiting vulnerabilities have increased by 33 per cent.

While every business need is different, it’s a best practice to perform network vulnerability scans at least once per quarter. However, vulnerability scans may be required monthly or weekly based on compliance, the organisation’s business focus, major changes to infrastructure, and internal network security capabilities. One way to narrow down scanning frequency is to identify and categorise the type of data your company stores information such as credit cards, and National Identity Numbers for those in Nigeria, or Social Security Numbers for those in the United States, and vis-a-vis in other countries as well as the average length of time the data is retained.

The Javelin Strategy and Research 2021 Identity Fraud Study revealed that identity fraud losses reached $56bn in 2020, with $13bn lost from traditional identity fraud and $43bn lost from identity fraud scams.

While vulnerability scans can help with identifying and closing down vectors (routes) of attack by providing details found regarding vulnerabilities, possible exploits and recommendations for mitigating or reducing the risk will be figured out. Reasons and needs for vulnerability scans can vary greatly, depending on the seriousness of the company and its willingness to commit to cyber security best practices as you cannot run a successful business without a smooth security plan. Most organisations are only concerned about carrying out a financial audit, et al. You may not be able to carry out a successful financial audit if you don’t have a successful security plan as financial software used in performing these activities are running on a machine which is susceptible to security attacks.

Some of the major factors that determine the frequency of vulnerability scans may include the need to achieve and maintain a successful vulnerability assessment process as a vulnerability assessment is an integral part of every successful cybersecurity programme. Thus, conducting vulnerability scans, and mitigating found vulnerabilities will contribute to the overall efforts to keep the company’s systems and network safe. 

The other thing we look at when considering a vulnerability assessment plan is compliance. Many compliance standards require vulnerability scanning to be performed on a regular basis. Presenting auditors with quarterly reports and remediation efforts is part of most audit processes. Adequate security after a major infrastructure change is a common practice to conduct vulnerability scans on parts of the infrastructure that underwent a major change in order to ensure the security of newly modified systems. Scans should also be performed after major software and patch deployments.

In order to perform a security vulnerability assessment, you have to start with the identification of your assets and with the identification of each asset’s risk weakness and value. The very least you should do is identify how important each asset or network device is for your company. By understanding the importance and by defining your risk weaknesses, you can move forward with the strategic components that will shape your vulnerability assessment process.

After your initial assessment of devices and with a firm strategic vulnerability assessment process in place, you must determine which devices will be publicly available on the internet, and which will stay hidden from the internet, or in other words, be only accessible from inside your network. This will separate the kind of network vulnerability scan you will perform on each device.

Before performing the vulnerability scan, you should close all unnecessary ports and services that are running on each device and go over the configuration settings. Performing basic hardening of each device early on in the process will allow you to focus on more complex issues that may arise later during the scanning process. Finally, configure your network vulnerability scan in such a way that it corresponds with the type of device you wish to scan. It is very important to have a security specialist perform the scan in order to make sure you don’t miss any present vulnerability due to the poor configuration of the scan.

A security professional will often carry out these assessments. Not only will the new implementation need to be functional, but also must be secure. Performing a network vulnerability scan will ensure that nothing is missed in the new implementation. Companies perform network vulnerability scans on a weekly, monthly, quarterly, biannual, or annual basis. 

This continual evaluation of your business’ intellectual assets, applications, connectivity, servers, and users, allows the cybersecurity team to focus on patching any risk profiles in the network. They also provide a summarised picture of your security posture and your position in business in terms of security. The safer you are, the more reliable your business becomes and continues to stand out.

*Ibenu, a security researcher, writes from Lagos, Nigeria

 

No comments:

Post a Comment