
Software Vulnerabilities Risk Remediation


ClearArmor CSRP - 01.01
CyberSecurity is a Business Issue, not a Technology Issue

CyberSecurity is not just about reacting. It includes Risk Management, Audit, Compliance, and training. It also requires continuous attention to Cyber Hygiene. CyberSecurity requires continuous measurement, monitoring, and remediation. Is your organization reactive or proactive? Move to proactive CyberSecurity.
To comply with the intent of the NIST CyberSecurity Framework (CSF), Cyber Hygiene is a requirement. Complying with NIST 800-53, 800-171, DFARS, NY State DFS Part 500, and a plethora of other frameworks and compliance guidelines requires continuous risk reduction through vulnerability remediation. ClearArmor CyberSecurity Resource Planning (CSRP) enables your organization to meet those requirements.



Slide 1

CYBER RISK REDUCTION SERIES 01.01
SOFTWARE BASED VULNERABILITIES

Overview
Organizations continuously face risk rooted in an increasing and evolving set of threat vectors. These threat vectors aggregate to create an overall attack surface area. Reducing the underlying vulnerabilities results in a reduced attack surface area. This reduction limits adversaries' ability to exploit vulnerabilities and impact what your organization has identified as valuable.

ClearArmor™ Corporation, 519 Easton Rd., Riegelsville, PA 18077, +1-(610) 816-0101

Step 1 – Accept that no sustainable risk reduction is possible without a structured CyberSecurity program. That program must be based on a recognized standard. The most accepted standard is the NIST CyberSecurity Framework (CSF).
Step 1 – Structure and standards are foundational to CyberSecurity

Step 2 – A structured CyberSecurity program requires process, technology, and governance. ClearArmor CyberSecurity Resource Planning (CSRP) is the only solution that truly aligns organizations to the NIST CSF. This is achieved by ClearArmor's Momentum Methodology (M2) and the Intelligent CyberSecurity Platform (ICSP).
Step 2 – Process, technology, and governance are foundational to CyberSecurity

Step 3 – Assign ownership to all NIST CSF Functions, Categories, and Sub-Categories. These are the 'things' that organizations must do to ensure CyberSecurity. Ownership requires a Responsible Role (responsible for doing) and an Accountable Role (responsible for auditing). By assigning ownership, organizations are able to comply with the guidance provided by the NIST CSF.
Step 3 – Assignment of Accountable and Responsible Roles is foundational to CyberSecurity

Step 4 – Policy: establish your organization's software patching and upgrade policy. A subset of this will include maximum durations for remediations to reach production, testing guidance, and methods to distribute software patches.
Step 4 – Creation of clearly defined policy is foundational to CyberSecurity
Slide 2
Copyright © 2018 Clear Armor Corporation. All Rights Reserved

Step 5 – Discover your entire network. This includes, but is not limited to, all hardware, software, configuration information, used ports, utilization, etc. This requires technology and process that are complete. Only the ClearArmor Discovery, Classification, Identification (DCI) process achieves a level of insight into your organization's networked assets, software, hardware, and utilization that is instrumental to a significant number of NIST CSF sub-categories.
Step 5 – Discovery is foundational to CyberSecurity

Step 6 – Categorization is critical to achieving focused efforts. Quantities of active vulnerabilities in an organization can be staggering. Lack of prioritization of efforts increases risk and the likelihood of a successful exploit. In the ClearArmor ICSP, categorization occurs at three levels.
  Level 1 – Automated categorization based on device type (Network Device, Storage Device, Workstation Device, Server Device)
  Level 2 – White Listing – Devices are initially not listed. Through automation or manual methods, all endpoints are identified as 'White Listed', 'Limited Duration White Listed', or 'Black Listed'.
  Level 3 – Landscape (examples: Production, QA, Test, Dev1, Dev2, Patch)
  Level 4 – System Membership (examples: HRIS, ERP, AD, eMail, BI, etc.)
Last, ClearArmor provides organizations with a workflow that allows them to categorize Risk Imperatives – to – Business Functions – to – Systems – to – Endpoints. Based on this ability, it is possible to focus remediations that directly relate to business risk imperatives, business functions, systems, or landscapes.
Step 6 – Categorization is foundational to CyberSecurity

Step 7 – Precision identification of vulnerabilities is achieved through our advanced automated software discovery and identification. This goes beyond typical methods that only go as far as reading registry information. The ClearArmor discovery process includes all executables, services, DLLs, and other types of files to gain greater understanding of what is installed where: all software, all version information, all distribution across the organization. At this stage a baseline of the preliminary vulnerability information is achieved, allowing for progress measurement. The ICSP consumes our proprietary IT-Pedia data, the de facto source for understanding critical information such as associated NIST-identified vulnerabilities, end of support, end of sales, end of life, and a multitude of other information. If a new device, software package, vulnerability, or other detail is identified in the wild, we bring that information down into your installation of the ICSP.
Step 7 – Identification of vulnerabilities is a critical element of all CyberSecurity Programs
Slide 3

Step 8 – Review the discovered vulnerabilities in any number of ways: by distribution across the organization, by severity, by location, by type of device, by category of device, etc. Every organization will prioritize its remediation targets differently. There is no one right way. At first this will seem overwhelming; once your organization has adopted its patching and vulnerability remediation process and has begun to remediate issues, the noise and information will begin to calm.
Step 8 – Assessing active vulnerabilities is a critical element of all CyberSecurity Programs

Step 9 – Target the vulnerabilities to remediate, following your organization's policy. This may change after initial work efforts are underway. More specifically, the organization may focus on mitigating the top 'X' % of impacted software packages. In many cases an initial focus may eliminate a large percentage of existing issues. After this first pass, the organization may go through a series of passes aimed at high-importance systems. Additionally, the data available to your organization is significant at this point. It provides you with the ability to visualize the problem, target the solution, and catalytically enable your patching solutions to successfully operate.
Step 9 – Focused efforts are a key to cost-effectively reducing risk

Step 10 – As your endpoints are patched or software is upgraded, the discovery process will automatically pick up changes throughout the organization. Daily review of changes to your current vulnerabilities provides the ability to continuously remediate and assess success.
Step 10 – Vulnerability remediation is a recurring process of a structured CyberSecurity Program

ClearArmor CSRP is CyberSecurity
See your Active Vulnerabilities
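The categorize, target, and re-measure loop of Steps 6, 9 and 10, written out as an added example (this is not ClearArmor ICSP code or its data format). The inventory, the Risk Imperative chain and both discovery snapshots are constructed for the demo; the 50 % cut-off, the "Production and white-listed only" scope and the tuple layout are assumptions.

```python
from collections import Counter

# Constructed endpoint inventory using the four Step 6 levels:
# (device type, white-list state, landscape, system membership).
ENDPOINTS = {
    "srv-01": ("Server", "white", "Production", "ERP"),
    "srv-02": ("Server", "white", "Production", "HRIS"),
    "srv-03": ("Server", "limited", "QA", "ERP"),
    "ws-01": ("Workstation", "white", "Production", "eMail"),
    "ws-02": ("Workstation", "black", "Dev1", "BI"),
}
# Constructed Risk Imperative -> Business Function -> Systems chain.
RISK_MAP = {"Financial reporting": {"Payroll": ["ERP", "HRIS"]}}

# Constructed discovery snapshots: (endpoint, package, version, vulnerability id).
DAY1 = [
    ("srv-01", "libssl", "1.0", "VULN-1"), ("srv-02", "libssl", "1.0", "VULN-1"),
    ("srv-03", "libssl", "1.0", "VULN-1"), ("ws-01", "libssl", "1.0", "VULN-1"),
    ("srv-01", "javart", "8", "VULN-2"), ("ws-02", "javart", "8", "VULN-2"),
    ("ws-01", "pdfview", "3.2", "VULN-3"), ("srv-02", "dbcli", "2", "VULN-4"),
]
# Day 2: libssl was patched in Production; one new finding appeared on ws-02.
DAY2 = [
    ("srv-03", "libssl", "1.0", "VULN-1"),
    ("srv-01", "javart", "8", "VULN-2"), ("ws-02", "javart", "8", "VULN-2"),
    ("ws-01", "pdfview", "3.2", "VULN-3"), ("srv-02", "dbcli", "2", "VULN-4"),
    ("ws-02", "browser", "70", "VULN-5"),
]

def endpoints_for(imperative, landscape="Production"):
    """Step 6: walk Risk Imperative -> Function -> System -> Endpoint, keeping only
    white-listed endpoints in the chosen landscape (assumed scoping rule)."""
    systems = {s for funcs in RISK_MAP[imperative].values() for s in funcs}
    return sorted(ep for ep, (_, lst, land, sysname) in ENDPOINTS.items()
                  if sysname in systems and lst == "white" and land == landscape)

def top_packages(findings, fraction, scope=None):
    """Step 9: rank packages by affected endpoints (optionally within a scope) and
    return the top `fraction` of packages plus the share of findings they cover."""
    hits = Counter(pkg for ep, pkg, _, _ in findings if scope is None or ep in scope)
    ranked = [pkg for pkg, _ in hits.most_common()]
    keep = ranked[:max(1, round(len(ranked) * fraction))]
    return keep, round(sum(hits[p] for p in keep) / sum(hits.values()), 2)

def daily_delta(previous, current):
    """Step 10: diff two discovery snapshots into fixed, new and remaining findings."""
    old, new = set(previous), set(current)
    return {"fixed": len(old - new), "new": len(new - old), "remaining": len(old & new)}
```

With the constructed data, the top half of the packages (libssl and javart) accounts for 75 % of day-one findings, and the day-two diff reports 3 fixed, 1 new and 5 remaining.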
Slide 4

Assign CyberSecurity Ownership Across Your Organization
See Detailed Information on All Active Vulnerabilities
See Detailed Information on the Affected Endpoints
Understand the Number of Distinct Versions Affected by the Vulnerability and the Distribution Across Your Organization
Slide 5

CyberSecurity Resource Planning
CSRP = Methodology + Technology
A structured approach to CyberSecurity