Challenges of Vulnerability Management
Download as PPTX, PDF1 like1,350 views
This document discusses Atos India's vulnerability management process. It outlines that vulnerability management is the process of identifying security weaknesses, evaluating risks, and remediating issues. Atos manages over 13,000 IT systems and 2,200 critical assets. Their vulnerability management cycle involves scanning for vulnerabilities, evaluating and prioritizing them, developing remediation plans, patching systems, and confirming issues are resolved. In 8 months using this process, Atos reduced vulnerabilities by 78%, outdated systems by 36%, and improved their compliance and customer confidence. They continue improving by monitoring new threats and evaluating team performance.
Challenges of Vulnerability Management
- 1. Murli Menon Atos India Pvt Ltd Case Study
- 2. Vulnerability Management (VM) A process by which loopholes in IT systems are identified, risks are evaluated & remediated Why VM ? Cyber Crime Rise Compromise of Data Major Software flaws Inappropriate IT system administrations Identifications of weakness
- 3. On Ground 13000 + IT Systems 2200 + Critical Assets 1200+ Network Systems 8000+ Actual Vulnerabilities 34% False Positives 600 + Customers supported 88% Critical SLA’s 24x7 Business Operations Minimal Down Times Maximum Privilege Access Zero Risk Tolerance Vs Facts Business Challenges
- 4. Action Plans Dedicated team Assigned Roles and Responsibilities based on RASCI Matrix including business representatives Defined policies on VMS considering the business & Organization impacts Obtained business approvals on actions plans of remediation's Formulation of vulnerability calculations vs Impact as a Security KPI
- 5. VMS Cycle Remediate & Confirm Search EvaluatePrioritize • Prioritizing the critical assets + Vulnerabilities • Focusing on Top Critical • Developing plans to test the remediation's on Critical • Approvals for Remediation's • Identify the assets • Filtering False Positives • Finalizing the reports • Discovering the network • Identify the scopes • Initiate Scan with schedules considering the business operations (Servers, devices scanned during non business hours) • Patching /Remediate • evaluating the impact • rescanning & Confirm for closure of vulnerability 1 2 4 3
- 6. Long term Remediation's • Identify the consequences of reported vulnerabilities • Detailed analysis of Root causes • Targeting the hidden gaps • Designing the solutions to avoid reoccurrences • Testing & Deploying the solutions • Monitoring for any reoccurrences • Maintain the Knowledge base for future remediation's
- 7. Advantages ..In 8 months 78 % vulnerabilities been remediated with Zero impacts on business 36% Outdated Systems, Software's been withdrawn Patch Management improvised to 96% Overall compliance 98.89% (WIR) Minimum Risk Exceptions Increase in Customer Confidence
- 8. Continuous Improvements Regular Watch on latest Threats & Vulnerabilities Daily Team meeting to understand the progress Measure the performance of security teams by the reduction of critical vulnerabilities Evaluate actual vulnerability management results against targeted metrics
- 9. Area of Challenge Major Counts Adobe Vulnerabilities Apache Vulnerabilities with weak Ciphers Database patching was not easy Client systems non availability Poodle, Heartbleed
- 10. Key Consideration on VMS Meeting compliance requirements and legal boundaries Checking current security controls if proactive or reactive Efficiency of Vulnerability Management tool Check current security state of your network Is confidential data sufficiently protected Latest Threats vs Assets
- 11. Thank You
Editor's Notes
- #3: The increasing growth of cyber-crime and the associated risks are forcing most organizations to focus more attention on information security. A vulnerability management process should be part of an organization’s effort to control information security risks. This process will allow an organization to obtain a continuous overview of vulnerabilities in their IT environment and the risks associated with them. Only by identifying and mitigating vulnerabilities in the IT environment can an organization prevent attackers from penetrating their networks and stealing information