CIO OPINION
Or they can be used as critical inputs into a decision process to stop current mitigation efforts and pivot to other issues that are potentially more likely to impact the organization .
This is where using Threat Intelligence in conjunction with established vulnerability management practices can help organizations identify , prioritize and remediate vulnerabilities that have a higher risk profile or have the potential to have a greater impact on an organization .
To aid practitioners in vulnerability triage , it is desirable to have a list of vulnerability identifiers , presented in a prioritized list for mitigation .
With the likelihood of exploitation being a key multiplier within the risk equation , it ’ s critical to have accurate , up to date and verifiable information that can help the organization understand the details of likelihood .
By combining information available from a variety of public and private , internal and external sources , prioritization lists can be improved for greater accuracy .
Organizations need to adopt a structured and efficient risk-based process for managing vulnerabilities to reduce the risk of security breaches and improve overall security posture .
While exposure is an important input into the risk equation , it only really has relevance once certain elements of the vulnerability lifecycle are hit .
For example : What is the cost for adversaries to develop exploitation tools for the vulnerability – or is it now available within the existing off-the-shelf attack tool sets ?
This is one of the largest influencers of likelihood of it targeting the masses . Does exploitation of the vulnerability result in a situation that fits into the threat actor ’ s tools , techniques and procedures ( TTP ) sweet spot , meaning it ’ s easy for them to execute upon their objective ?
These are elements that the enterprise has absolutely no control over but can get visibility into to get ahead of the response process if answers to any of these questions is ‘ yes ’.
Automated assessment and scoring of a vulnerability likelihood is only now possible across the many disparate data sources by consolidating data into a single record of truth about what is known about the vulnerability .
Once a vulnerability hits a threshold value , or key elements of context are identified , automated actions can be initiated .
This helps move vulnerability management from its legacy ( must patch everything ) approach to a business focused risk-based approach and allows security teams to become part of the business decision-making process .
Using Threat Intelligence from internal and external sources , vulnerability management teams can identify , validate and orchestrate the entire vulnerability management life cycle of key assets that are at risk – quickly addressing and remediating through automation and collaboration .
In today ’ s ever-evolving threat landscape organizations need to adopt a structured and efficient risk-based process for managing vulnerabilities to reduce the risk of security breaches and improve overall security posture .
A data-driven threat intelligence approach is essential in this regard , as it enables organizations to identify and prioritize vulnerabilities accurately , allocate resources effectively and automate processes with high fidelity data . p
46 INTELLIGENTCIO NORTH AMERICA www . intelligentcio . com