By Nicholas Ibenu
A vulnerability assessment is a systematic review of security weaknesses in an information system. It evaluates whether the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation whenever needed.
According to the 2021 World Economic Forum report on global risks, “Cybersecurity measures in place by businesses, governments and individuals are increasingly being rendered obsolete by the growing sophistication of cybercriminals.” This holds true as businesses continue to turn a blind eye to the importance of security.
A network vulnerability scan, on the other hand, is part of the vulnerability assessment process where the main focus is placed on finding and identifying security vulnerabilities in systems hosted on specific Internet Protocol addresses. A 2022 IBM security report revealed a surge in various cyberattacks between 2020 and 2021. Notably, those caused by exploiting vulnerabilities increased by 33 per cent.
While every business need is different, it is best practice to perform network vulnerability scans at least once per quarter. However, vulnerability scans may be required monthly or weekly based on compliance obligations, the organisation’s business focus, major changes to infrastructure, and internal network security capabilities. One way to narrow down scanning frequency is to identify and categorise the type of data your company stores, such as credit card numbers, National Identity Numbers in Nigeria or Social Security Numbers in the United States and their equivalents in other countries, as well as the average length of time the data is retained.
The Javelin Strategy and Research 2021 Identity Fraud Study revealed that identity fraud losses reached $56bn in 2020, with $13bn lost from traditional identity fraud and $43bn lost from identity fraud scams.
Vulnerability scans help identify and close down vectors (routes) of attack by reporting the vulnerabilities found, the exploits that could target them and recommendations for mitigating or reducing the risk. Reasons and needs for vulnerability scans vary greatly, depending on how seriously the company takes cybersecurity and its willingness to commit to best practices, because you cannot run a successful business without a sound security plan. Most organisations are concerned only with carrying out a financial audit. Yet you may not be able to carry out a successful financial audit without a sound security plan, since the financial software used for these activities runs on machines that are susceptible to security attacks.
One of the major factors that determine the frequency of vulnerability scans is the need to achieve and maintain a successful vulnerability assessment process, as a vulnerability assessment is an integral part of every successful cybersecurity programme. Thus, conducting vulnerability scans and mitigating the vulnerabilities found will contribute to the overall effort to keep the company’s systems and network safe.
The other thing we look at when considering a vulnerability assessment plan is compliance. Many compliance standards require vulnerability scanning to be performed on a regular basis, and presenting auditors with quarterly reports and remediation efforts is part of most audit processes. It is also common practice to conduct vulnerability scans on the parts of the infrastructure that underwent a major change, in order to ensure the security of the newly modified systems. Scans should also be performed after major software and patch deployments.
In order to perform a security vulnerability assessment, you have to start with the identification of your assets and of each asset’s weaknesses, risk and value. The very least you should do is identify how important each asset or network device is for your company. By understanding that importance and by defining your risk weaknesses, you can move forward with the strategic components that will shape your vulnerability assessment process.
After your initial assessment of devices, and with a firm strategic vulnerability assessment process in place, you must determine which devices will be publicly available on the internet and which will stay hidden from it, or in other words, be accessible only from inside your network. This determines the kind of network vulnerability scan you will perform on each device.
Before performing the vulnerability scan, you should close all unnecessary ports and services running on each device and go over the configuration settings. Performing basic hardening of each device early in the process will allow you to focus on more complex issues that may arise later during scanning. Finally, configure your network vulnerability scan so that it corresponds with the type of device you wish to scan. It is very important to have a security specialist perform the scan in order to make sure you don’t miss any present vulnerability because of a poorly configured scan.
A security professional will often carry out these assessments. A new implementation must not only be functional but also secure, and performing a network vulnerability scan ensures that nothing is missed in it. Companies perform network vulnerability scans on a weekly, monthly, quarterly, biannual or annual basis.
This continual evaluation of your business’s intellectual assets, applications, connectivity, servers and users allows the cybersecurity team to focus on patching the risks identified in the network. The scans also provide a summarised picture of your security posture and of where your business stands in terms of security. The safer you are, the more reliable your business becomes and the more it continues to stand out.
*Ibenu, a security researcher, writes from Lagos, Nigeria