Security and risk folks are constantly trying to improve security without impacting business productivity. It is key to determine which projects will drive the most business value while reducing risk. In September 2020, Gartner published its recommendations for the Top 10 Security Projects for 2020-21 that security and risk management leaders should focus on.
- Securing your remote workforce
- Risk-based vulnerability management
- Extended Detection and Response (XDR)
- Cloud Security Posture Management (CSPM)
- Simplify cloud access controls
- Domain-based Message Authentication, Reporting and Conformance (DMARC)
- Passwordless Authentication
- Data classification and protection
- Workforce competencies assessment
- Automating security risk assessments
Let us look at some of the items from the above list in this blog.
Securing your remote workforce
With COVID-19, most of the workforce is remote. This poses a serious challenge since it is difficult to perform vulnerability assessments for remote assets, as most traditional vulnerability scanning tools require network access to the host / asset. Organizations need to adopt next-generation VA tools which do not require any scans on the network. We have talked about this challenge in detail in an earlier blog.
Risk-based Vulnerability Management
Given the vulnerability deluge and backlog, it is not practically possible for organizations to patch everything. Organizations need to focus on effective prioritization of the identified vulnerabilities to ensure that the critical ones are patched. Prioritization based solely on CVSS score falls short and is not effective. There is a need to focus on vulnerabilities that are actually exploitable. Machine Learning can help predict exploitability for late-breaking vulnerabilities with fairly good accuracy. Leveraging ML/AI-aided prioritization can help organizations cut down the noise and focus on the important ones. Threatworx Attenu8 platform helps organizations take a risk-based approach to vulnerability management by highlighting the critical vulnerabilities as described in this blog. These tend to be around 5-7% of the total reported vulnerabilities.
Cloud Security Posture Management
Most organizations already leverage public clouds. The elasticity of the cloud coupled with the pay-as-you-go model has certainly helped adoption. However, one of the top root causes for security breaches (reference – IBM Cost of Breach study) is cloud misconfigurations. Basic hygiene like avoiding open-for-all ports, periodically recycling access keys, etc. is especially important. Read more in this blog.
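
The two hygiene checks named above (open-for-all ports and access key recycling) can be expressed as a small posture audit. This is an added example, not code from this blog or from any product it mentions. It assumes an inventory shaped like AWS `describe-security-groups` and `list-access-keys` output; the group names, key IDs, the 90-day rotation limit and the 80/443 allow-list are all constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

OPEN_CIDRS = {"0.0.0.0/0", "::/0"}           # any source address
MAX_KEY_AGE = timedelta(days=90)             # assumed rotation policy
ALLOWED_PUBLIC_PORTS = frozenset({80, 443})  # assumed: public web only

# Constructed sample inventory (AWS-style field names, made-up values).
SECURITY_GROUPS = [
    {"GroupId": "sg-example-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-example-db", "IpPermissions": [
        {"IpProtocol": "-1",  # "-1" means every protocol and port
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-example-admin", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]
ACCESS_KEYS = [
    {"AccessKeyId": "EXAMPLEKEY1", "Status": "Active",
     "CreateDate": "2020-01-15T00:00:00+00:00"},
    {"AccessKeyId": "EXAMPLEKEY2", "Status": "Active",
     "CreateDate": "2020-08-20T00:00:00+00:00"},
    {"AccessKeyId": "EXAMPLEKEY3", "Status": "Inactive",
     "CreateDate": "2019-03-01T00:00:00+00:00"},
]

def open_to_world(groups, allowed=ALLOWED_PUBLIC_PORTS):
    """Return (group id, port range) for rules reachable from any address."""
    findings = []
    for group in groups:
        for rule in group["IpPermissions"]:
            cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            if not OPEN_CIDRS.intersection(cidrs):
                continue
            if rule["IpProtocol"] == "-1":
                ports = "all"
            else:
                lo, hi = rule["FromPort"], rule["ToPort"]
                if lo == hi and lo in allowed:
                    continue  # intentionally public single port
                ports = f"{lo}-{hi}"
            findings.append((group["GroupId"], ports))
    return findings

def stale_keys(keys, now, max_age=MAX_KEY_AGE):
    """Return IDs of active access keys older than the rotation limit."""
    return [k["AccessKeyId"] for k in keys if k["Status"] == "Active"
            and now - datetime.fromisoformat(k["CreateDate"]) > max_age]
```

Checking the IPv6 ranges as well as the IPv4 ones matters here: the admin group in the sample looks restricted on IPv4 but is still world-reachable over IPv6.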