0
06

Vulnerability Management

In this topic, you’ll learn about best practice in managing vulnerabilities to reduce risk.

In September 2017, a large US firm announced a catastrophic breach of its systems that exposed personal information of over 145 million Americans and over 15 million UK customers.

A patch for the vulnerability was released a few months prior to the attack, yet the security updates were not applied. It’s believed that the hackers used an unpatched vulnerability in Apache Struts, one that had been disclosed and a patch released several months prior.

The cost to the firm has been immense. Millions of customers are at risk of identity theft; the CEO, CIO and CISO all lost their jobs; the full cost of remediation, including resolving government investigations and civil lawsuits, is estimated to be well over $600m US and the firm lost a quarter of its market value.

One of the key lessons from this breach is that you and your team should know what frameworks you have in your environment and be proactive when it comes to vulnerability management.

Unmitigated vulnerabilities

There have been a number of cyber attacks and data breaches in recent years that have highlighted the devastating impact that unmitigated vulnerabilities can cause, and the huge personal consequences for customers.

Click play to watch the video.