
Tenable blog


Risk management: reducing the risk of the modern attack surface

How to use risk management to reduce network security risk

Faced with ineffective and fragmented security programs, and with a large number of point tools that generate scattered data and little insight, many network security teams are in trouble. In this article, we explain why they need a risk exposure management platform that provides comprehensive visibility and helps them anticipate threats, prioritize remediation and reduce risk.

The IT environment with a clearly defined on-premises perimeter has gone the way of the rotary-dial telephone. What are the reasons? Some of the common contributors are: cloud, mobile technology, software delivery capabilities, the IoT and a variety of other modern technologies and processes adopted over the past few years.

As a result, IT environments are becoming more complex, distributed, hybrid and loosely coupled, which makes them difficult to protect effectively. The attack surface is expanding and growing more complicated, giving cyber criminals many exploitable vulnerabilities and blind spots.

As the world changes day by day, network security teams keep running into trouble. They face ineffective and fragmented security programs and a large number of point tools that continually produce large volumes of scattered data, data that is often hard to correlate and from which it is difficult to draw meaningful insight.

What should you do? Try risk management

As IT environments have developed and become more complex, the tools and techniques needed to protect their assets have changed as well. Vulnerability management has been highly effective at helping us understand the security posture of traditional IT assets (such as servers, workstations or network equipment). However, the shift to cloud platforms, microservices, web applications, operational technology devices and identity services requires more and more specialized tools that can safely and correctly assess each type of technology and determine the risk it may pose to the enterprise.

Risk management is the modern answer to these fragmented assessment methods: it brings together and analyzes the data collected by every assessment tool and technique, so that the relationships between the findings become visible and the enterprise can see its real exposure to attack. Because attackers usually move from one type of vulnerability to another, defenders must be able to understand how all of their vulnerability and misconfiguration data interact. Traditionally, this relationship-centered aggregate analysis has been done manually in an external data store, where the security team has to create the risk relationships itself and rely on its own understanding of the infrastructure for the analysis. This leads to an incomplete view of the environment, and makes the process of trying to solve the problem very slow and difficult.

There is a way out of this sticky situation: a risk management program that goes beyond traditional vulnerability management and covers asset, configuration-problem, vulnerability and attack-path data across a range of technologies, including identity solutions, cloud configurations and deployments, and web applications.

A risk management program is built on a technology platform and on the processes needed to understand, respond to and remediate risk exposure, and it enables the enterprise to:

  • Gain full visibility across the entire modern attack surface
  • Anticipate threats and prioritize work to prevent attacks
  • Communicate network security risk in order to make better decisions

[Figure 1a: Risk management: reducing the risk of the modern attack surface]

What kind of enterprise needs risk management?

The following questions help determine whether you need to adopt a risk management program:

  • Do your security tools interoperate across the stack and provide comprehensive insight into your risk exposure?
  • Do you have comprehensive visibility into your attack surface, from the endpoint to the cloud to the on-premises environment, and everything in between?
  • Can you prioritize remediation work predictively at any time, so that you always know what needs attention first?
  • Do you use intelligence to understand the threat landscape?
  • Do you analyze all the attack paths that could lead cyber criminals to your most critical assets?
  • Do you fix problems in a timely, accurate and continuous way that meets or exceeds industry benchmarks?
  • Can you answer the question "How safe are we?" with confidence and authority?
  • Do you clearly communicate security status to business management and the security team?
  • Are the security team's resource allocation decisions based on data?

If the answer to all or most of these questions is "no", then adopting risk management is likely to bring significant benefit.

The main advantages

A comprehensive risk management program helps all kinds of stakeholders. The following are the benefits of a risk management program for three key groups.

  • Security professionals

    • Complete, comprehensive visibility into and understanding of the attack surface
    • A unified view of all assets, with nothing left out
    • Precise remediation prioritization for all types of vulnerabilities and risk exposures
    • A clearly established baseline for effective risk management
    • Improved risk decisions
  • Security managers

    • Comprehensive insight into threats, assets, privileges and context
    • Reduced risk and reduced resources for remediation and response
    • The ability to anticipate the consequences of an attack through a contextual view of assets and users across the attack surface
    • Clear, easy-to-communicate key performance indicators (KPIs) for tracking progress over time and comparing against benchmarks
  • CISOs, business information security officers (BISOs) and other security executives

    • Accurate risk assessment to improve decisions about investment and insurability, meet compliance requirements and drive enterprise improvement
    • Operational metrics that help measure, compare and communicate network security risk to IT and security teams as well as non-technical managers and operations teams
    • A unified view of network security risk with clear KPIs, to measure progress and compare against industry and internal benchmarks
    • The ability to answer the question: "How safe are we?"

Three things to look for in a risk management platform

An effective risk management platform needs to provide three key features:

Comprehensive visibility

To understand and manage the enterprise's network security risk across its complete attack surface quickly and smoothly, and to eliminate blind spots, the platform must provide the following:

  • A unified view of all assets and their related software vulnerabilities, configuration vulnerabilities and privilege vulnerabilities, whether on-premises or in the cloud
  • Continuous monitoring of the internet to rapidly detect and identify all external-facing assets, eliminating known and unknown areas of security risk

Prediction and prioritization

To help the security team anticipate the consequences of a network attack, prioritize its actions and reduce risk with the least effort, the platform must provide the following:

  • Draw on the large data sets provided by a variety of point tools to supply context about the assets, risk exposures, privileges and threats along an attack path
  • Continuously identify and focus on the attack paths that are at greatest risk of being exploited by attackers
  • Provide accurate, predictive remediation guidance and insight

Effective measurement of network security risk

To give security managers and business leaders a centralized, business-aligned view of network security risk, with clear KPIs against which they can benchmark their risk management capability, the platform must provide the following:

  • Actionable insight into the enterprise's overall network security risk, including the value of the proactive work done every day
  • The ability for users to drill down into the details of each department, business unit, location, technology type or any other form of business operation
  • Help improving communication and collaboration among different groups across the enterprise
  • Operational metrics that help save time, improve investment decisions, support network insurance plans and drive improvement while reducing risk

What Tenable can offer

Today, Tenable introduced the Tenable One exposure management platform. The platform unifies various data sources into a single exposure view, and is designed to help companies gain visibility, prioritize their work and communicate network security risk.

Tenable One builds on proven Tenable products and brings different vulnerabilities, security misconfigurations and other findings into a single view, unifying the risk context of every finding and providing a context-based understanding of where the enterprise's risk is most serious. This lets the enterprise weigh a missing patch, a SQL injection vulnerability and a misconfigured container against each other on equal terms, and understand which poses the greater risk and potential impact to the business. With Tenable One, the enterprise can take full advantage of the existing integrations between Tenable and its partners, such as ServiceNow. The platform also aims to lay the foundation for a risk management program and to reinforce the foundation for the other security tools, processes and services that most enterprises have already implemented.
