
Inaccurate Data Creating a False Sense of Security


Larry Hurtado, President & CEO, Digital Defense, Inc.
The efficacy of any information security infrastructure is wholly dependent on the accuracy of the underlying security intelligence. Faulty data can lead those responsible for security toward action–or inaction–that ultimately creates vulnerabilities with far-reaching, sometimes devastating, consequences on the business.
“The resulting gap between the ‘static security solution’ and the changing infrastructure is compounded over time, undermining the usefulness of the vulnerability data provided”
In today’s threat environment, the security risks to all organizations have dramaticallyincreased. As a result, there is a renewed commitment to establishing a healthy security ecosystem based on a holistic view of endpoints, as well as the in-house and third party applications running on them. Many CIOs and CSOs look to vulnerability management providers to deliver this end-to-end view of the infrastructure with a focus on identifying the weak points that leave an organization exposed to hackers and various attacks. But like a physician examining an MRI, a security professional trusts that the picture painted by a vulnerability management solution is accurate, and takes action—or does not—based on that picture.
It’s critical that the picture be based on accurate data points despite the complexity and evolution of the network infrastructure, and the ever evolving nature of the threats. The vulnerability management system must be accurately identifying current threats and potential threats, and enabling that information to be shared across the organization’s multi-vendor security applications.
Previously, information security technologies operated within their own silos, providing specific value, but not taking advantage of information from the organization’s multiple other tools. However, within the last five years, many organizations have realized the benefits of bringing together information from these traditionally separate solutions, and creating a more integrated security ecosystem.
While there is no such thing as a “one size fits all” information security ecosystem, nor does any one vendor offer companies a complete solution to solve all security use cases, companies are working to integrate more. Vendors are announcing key integrations with other security vendors to solve some common use cases. Additionally, most vendors offer Application Programming Interfaces (APIs), allowing their solutions to be integrated with complimentary security tools. In most cases, an organization must evolve their ecosystem based on their own threat and risk models as well.
Unfortunately, these IT teams are also working with a potentially fatal flaw in some vulnerability management solutions that can go undetected until an incident occurs and exposes the shortcoming. This fatal flaw is made more likely by the increasing complexity of today’s heterogeneous networks and multi-vendor security infrastructure.
The problem stems from the simplified algorithmsinterwoven within pattern-matching algorithms located deep within the foundational core of most automated vulnerability management products. Many of these productsassume the networks they are scanning are static, when in fact they are not. As time passes, the underlying networks that these vulnerability solutions are supposed to measure and protect inevitably shift and change.The resulting gap between the “static security solution” and the changing infrastructure is compounded over time, undermining the usefulness of the vulnerability data provided. We call this issue network drift.
You can quickly see how this problem is exacerbated as organizations must evolve their ecosystem based on their own threat and risk models. That’s not to suggest we stop evolving our networks. Keeping pace with current technologies inside and outside security is crucial to any business. Instead, the answer lies in selecting a vulnerability management solution capable of finding security weaknesses as the landscape continually changes. It’s a critical capability. Otherwise, not only is the vulnerability management system not performing its job, but worse yet, all the associated security applications that are functioning based on the (faulty) vulnerability data, are ineffective.
The harsh reality is that the findings portrayed within the “asset views” of the vulnerability management systems used by most organizations (including many Fortune 500 enterprises) are far less accurate than we once believed due to the problem of network drift. Organizations are using inaccurate information to guide their security decisions, and integrate it with their security enforcement technologies within their security ecosystem.
The primitive algorithms found within the inner workings of somevulnerability managementsolutions, supplied by even the largest of the vendors in the space, are seriously limited, and cannot correctly track findings in the presence of the dynamic network changes common to many enterprises. As a result, an organization using such solutions must take extreme care, not be misled by the risk profile portrayed by these products, and instead must question the matching technology used within these platforms and take action to avoid a false sense of security or the chasing of phantom problems.
Integrating security solutions to protect an evolving infrastructure, when done right, is a positive step toward better security overall. When accurate data is brought together, it can help companies create better pictures of their network and catch and remediate real and problematic security flaws before they become real breaches.
Check this out: Top Endpoint Security Consulting Companies
Featured Vendors
THETA432: Performance, Precision, Efficiency, Visibility - The Key to Incident Response and Answer to the Talent Shortage
EveryCloud Technologies: Delivering Powerful Email Filtering Services" title="Graham O'Reilly, CEO & Co-Founder" style="float:left; margin-right:10px; margin-bottom:20px;" width="60px" height="50px">
EveryCloud Technologies: Delivering Powerful Email Filtering Services
Onepath: A Responsive Info-Security Management Framework – the easier way to dramatically improve your overall info-security posture
Covenant Security Solutions, Inc.: Revolutionary Solutions to Mitigate Security and Compliance Risks
EDITOR'S PICK
Essential Technology Elements Necessary To Enable...
By Leni Kaufman, VP & CIO, Newport News Shipbuilding
Comparative Data Among Physician Peers
By George Evans, CIO, Singing River Health System
Monitoring Technologies Without Human Intervention
By John Kamin, EVP and CIO, Old National Bancorp
Unlocking the Value of Connected Cars
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
Digital Innovation Giving Rise to New Capabilities
By Gregory Morrison, SVP & CIO, Cox Enterprises
Staying Connected to Organizational Priorities is Vital...
By Alberto Ruocco, CIO, American Electric Power
Comprehensible Distribution of Training and Information...
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
The Current Focus is On Comprehensive Solutions
By Sergey Cherkasov, CIO, PhosAgro
Big Data Analytics and Its Impact on the Supply Chain
By Pascal Becotte, MD-Global Supply Chain Practice for the...
Technology's Impact on Field Services
By Stephen Caulfield, Executive Director, Global Field...
Carmax, the Automobile Business with IT at the Core
By Shamim Mohammad, SVP & CIO, CarMax
The CIO's role in rethinking the scope of EPM for...
By Ronald Seymore, Managing Director, Enterprise Performance...
Driving Insurance Agent Productivity with Mobile and Big...
By Brad Bodell, SVP and CIO, CNO Financial Group, Inc.
Transformative Impact On The IT Landscape
By Jim Whitehurst, CEO, Red Hat
Get Ready for an IT Renaissance: Brought to You by Big...
By Clark Golestani, EVP and CIO, Merck
Four Initiatives Driving ECM Innovation
By Scott Craig, Vice President of Product Marketing, Lexmark...
Technology to Leverage and Enable
By Dave Kipe, SVP, Global Operations, Scholastic Inc.
By Meerah Rajavel, CIO, Forcepoint
AI is the New UI-AI + UX + DesignOps
By Amit Bahree, Executive, Global Technology and Innovation,...
Evolving Role of the CIO - Enabling Business Execution...
By Greg Tacchetti, CIO, State Auto Insurance
Read Also
COVID-19 Creates a Myriad of Compliance Challenges for Employers
Challenges that Compliance Officers face Today
Risk Exposures and How to Tackle them
Creativity Overcomes Scarcity
Putting The Customer At The Centre Of The Energy Transition
The Rise of Algorithmic Trading In The Power Sector
