Vulnerability management may not be the sexiest topic. But, while buzzier topics are certainly important, vulnerability management may just be the key to an effective data security strategy. According to a Ponemon Institute report, 42% of nearly 2,000 surveyed IT and security workers indicated that they had suffered a data breach in the last two years that could be blamed squarely on unpatched vulnerabilities. In this article, we’ll pull back the curtain on why vulnerability management matters and what we can do to support it.
More Openings for a Data Breach on a Growing Attack Surface
You are certainly aware of — or in the midst of building out — the hybrid cloud. As businesses continue to adopt public and private clouds and on-site databases, they become more flexible and agile. At the same time, they’re increasing the size of their attack surface when it comes to a data breach.
Let’s say we define the attack surface as X- and Y-axes. The X-axis marks every possible technical asset and the Y-axis marks all ways an attacker could exploit those assets. The attack surface expands endlessly. This is even more true if cloud adoption trends and patching gaps continue at the same pace.
But, that’s not why we’re doing this exercise.
Consider this same chart with vulnerability management and effective data security tools in place. Those can monitor for gaps and misconfigurations that can lead to a data breach. Suddenly, the Y-axis almost disappears. Its growth slows, turning the attack surface from a football field to a single swim lane. This narrow rectangle represents continued digital expansion with fewer surprises or unknown obstacles.
Defense Is the Offense Against a Data Breach
Stopping the bad guys should be at the top of your list. Often the primary goal of any defensive team is to ensure threat actors — or careless employees — are spotted and stopped. But with unpatched vulnerabilities and misconfigurations being the number-one causes of data breaches, maybe that mantle should be shared.
It can be tempting to consider the offensive teams and tools that hunt for threats and stop attacks the heroes of the day. However, they often swing into action only once a data breach has already started. While no tool can stop every data breach, the defensive teams and tools should be given a similar investment and level of prestige. Without them, the attackers could enter without any trouble. And that would mean a lopsided scoreboard in favor of the ‘other team.’
Drafting the Right Team
If vulnerability management should be a cornerstone of IT and security programs, why are so few businesses devoting resources to support it?
Well, for one thing, it’s mundane. It is difficult to define the return on investment of a solution meant to stop threats when threats don’t succeed and can’t be quantified in the first place due to the problem being patched. Changing a mission-critical database’s password from ‘123456’ to something more secure isn’t exactly breaking news. But, it could do more to improve database security before an attack happens than any of the algorithms on the market today. That isn’t to say enterprise should stop investing in machine learning, threat hunting and predictive analytics when it comes to fighting a data breach or other attacks. Algorithms should also be used to detect openings and cut down on the time it takes to fix them.
That brings us to the second reason why businesses may shy away from vulnerability management: it can be complex. It requires teamwork between database admins and security teams, systems admins and others. These folks are tasked with tracking changes and trends over time. Their work may become more complex if you move this lengthy maintenance to the top of their to-do lists.
That is where a modern vulnerability assessment solution can help. It can run thousands of assessment tests across different hybrid or multicloud environments to detect gaps and misconfiguration. From there, it can prescribe steps to correct issues and deploy fixes. Siloes are on the way out as future-proof defense comes in.
It’s well past time to let vulnerability management take the field before a data breach happens.
Find out more about how IBM Security helps streamline data security vulnerability assessment with IBM Security Guardium.
Offering Manager, Data Security, IBM
Emily is an offering manager for IBM Security. In addition to her work advancing the Guardium Data Protection Portfolio, Emily serves as a Research Assistant...