Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Information Security Handbook

You're reading from   Information Security Handbook Enhance your proficiency in information security program development

Arrow left icon
Product type Paperback
Published in Oct 2023
Publisher Packt
ISBN-13 9781837632701
Length 370 pages
Edition 2nd Edition
Arrow right icon
Author (1):
Arrow left icon
Darren Death Darren Death
Author Profile Icon Darren Death
Darren Death
Arrow right icon
View More author details
Toc

Table of Contents (16) Chapters Close

Preface 1. Chapter 1: Information and Data Security Fundamentals 2. Chapter 2: Defining the Threat Landscape FREE CHAPTER 3. Chapter 3: Laying a Foundation for Information and Data Security 4. Chapter 4: Information Security Risk Management 5. Chapter 5: Developing Your Information and Data Security Plan 6. Chapter 6: Continuous Testing and Monitoring 7. Chapter 7: Business Continuity/Disaster Recovery Planning 8. Chapter 8: Incident Response Planning 9. Chapter 9: Developing a Security Operations Center 10. Chapter 10: Developing an Information Security Architecture Program 11. Chapter 11: Cloud Security Considerations 12. Chapter 12: Zero Trust Architecture in Information Security 13. Chapter 13: Third-Party and Supply Chain Security 14. Index 15. Other Books You May Enjoy

Closing information system vulnerabilities

A vulnerability refers to a weakness in a piece of technology, such as a workstation, server, router, software, cloud, or process, that undermines the system’s ability to provide adequate security assurance that the threat actors will use that have been previously discussed. Three aspects must be considered to assess a vulnerability properly:

  1. First, the information system’s susceptibility to a particular flaw must be determined. This review involves ascertaining whether the specific version of the technology or software in question meets the criteria for the vulnerability to exist.
  2. Next, it must be determined whether an attacker can access the information system to exploit the flaw. Depending on the technology and location, an attacker may not have immediate access to the system. This information helps prioritize vulnerabilities as it relates to enterprise vulnerability management.
  3. Finally, whether sufficient means exist to exploit the flaw must be determined. If an active exploit exists in the wild for a given vulnerability, it should be considered a high-priority vulnerability to be addressed immediately.

After carefully reviewing the characteristics of vulnerabilities related to a specific information system, an information security professional can determine the attack surface for a given vulnerability and prioritize how the enterprise should mitigate the vulnerability. Hundreds of vulnerabilities may exist in an information system at any time. Therefore, the information security professional must be able to prioritize critical vulnerabilities that must be addressed immediately, while other vulnerabilities can be managed more methodically and reasonably over time. The following table provides more details related to this concept.

Example Triage Chart for Vulnerabilities

All Hands on Deck

Planned Methodical Deployment

  • Vulnerability can be executed over the network
  • Information system is exposed to the internet
  • An information system is not patched correctly and is running an old version of server software or operating system software
  • Vulnerability requires physical access to be exploited
  • The information system is well protected within the network
  • The server is maintained and adequately patched

Table 2.1

Vulnerability management

It is essential to understand that many situations that require an all hands on deck response in information security are often a result of poor management of the enterprise information system. If an organization’s information system is not regularly patched, it can create serious vulnerabilities that must be addressed immediately. Vulnerability management is identifying and addressing vulnerabilities within an organization’s information system. The process involves several steps:

  1. Firstly, the organization must identify vulnerabilities in its specific information system. This identification can be made through enterprise vulnerability management tools, such as Nessus, as well as staying up to date with information security blogs and subscribing to security sites for the vendors they use.
  2. Secondly, the organization must triage the vulnerabilities and determine the level of risk they pose to the organization. The information security professional must communicate this risk effectively and determine whether an all hands on deck or a planned approach to a vulnerability is needed.
  3. Thirdly, the organization must research, plan, and deploy the appropriate mitigations for applicable vulnerabilities. There may be multiple tasks involved in vulnerability mitigation. The information security professional must fully understand these steps, communicate them to stakeholders, and adequately deploy the appropriate countermeasures to mitigate the vulnerability.
  4. Finally, the organization must continuously monitor the information system to ensure that vulnerabilities have been fully mitigated. Utilizing a vulnerability assessment tool during the vulnerability mitigation process will allow the organization to continuously assess its information system, track progress, and understand when they have successfully met its goal.
You have been reading a chapter from
Information Security Handbook - Second Edition
Published in: Oct 2023
Publisher: Packt
ISBN-13: 9781837632701
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime