By Chandrashekhar Basavanna
Modern cyber attacks are ingenious — and traditional vulnerability management, or VM, simply is no longer very effective.
Unlike a typical cyber attack that exploits a software vulnerability, recent cyber attacks exploit other security risks, such as misconfigurations, security deviations, and posture anomalies. But VM vendors tend to focus more on software vulnerabilities and leave out everything else.
SecPod’s research shows some 44 percent of the total vulnerabilities in a typical IT infrastructure don’t have a Common Vulnerabilities and Exposure (CVE) designation.
The consequences of a cyber attack can be devastating; from a rapid drop in brand reputation to loss of business and sensitive data. Cyber attacks can also invite lawsuits and can even be fatal.
In addition to real-time protection, effective VM can also help with compliance at a time when data security rules are increasing in regulatory policies like NIST, PCI, HIPAA and GDPR.
With traditional VM, achieving compliance is a struggle. But advanced VM provides an actionable way of adhering to regulations and policies mandates that call for risks to be identified and detected as part of ongoing data security.
While traditional VM is herky-jerky, advanced VM is a continuous and smooth process that results in much more efficient and detection, integration, and automation.
Further, effective VM can be very cost-effective; the potential cost saved in preventing cyberattacks is enormous when compared to total security expenditures.
Reinventing VM
The importance of effective VM can’t be overstated. Yet given th ..
Support the originator by clicking the read the rest link below.
