Article

Are you overlooking a key component to cybersecurity risk management? 

How vulnerability scanning can improve IT operations

Jan. 9, 2023 · Authored by Brian Nichols

Organizations rely heavily on technology to support their operations and it takes a variety of internal team members to ensure that technology is available and secure. IT teams were stretched thin prior to the pandemic and have become even more resource constrained since the pandemic started. The priority for most IT professionals is the availability of IT assets that support critical business services. And with the pandemic, IT teams have had to make these critical internal resources available to employees working out of the office. This shift has created new security risks that IT teams have had to adapt to and manage.  

While maintaining the availability of IT assets is the main priority of IT teams, security continues to remain a top concern. IT teams have had to adapt to remote working environments, not only for themselves but also for the company as a whole. Maintaining a secure internal environment, while also allowing end users more flexibility in how and where they work creates new challenges. One of the top challenges is how to ensure remote systems that are not always on the company network are patched on a regular basis and maintain the same security posture as if they were still in the office.  

Vulnerability management is a foundational security capability that ensures an organization’s IT assets are protected and not easily compromised. IT teams must focus their efforts on the secure configuration of systems, whether they are in-office or remote, and regular patch management of both the operating system and installed applications. To assist in the secure configuration of IT assets, the Center for Internet Security (CIS) has developed a variety of recommended security configurations for IT teams to utilize as a starting point. Additionally, Microsoft has begun including some third-party applications as part of its Endpoint Configuration Manager (formerly known as SCCM).  

However, new vulnerabilities and exploits are discovered every day. And while many systems may start in a secure manner, over time configurations may be changed for troubleshooting or the addition of new functionality. This is where vulnerability scanning tools and services play a major role in maintaining a secure IT environment. Running vulnerability scans on a regular basis allows an organization’s IT team to quickly identify IT assets that may be missing critical patches or have drifted from the original security configurations. Vulnerability scanning also provides insights into vulnerabilities introduced by third-party applications installed on end user workstations that are not receiving regular patches from the vendor.  

Performing regular vulnerability scanning is only the first step. IT teams must also focus on the remediation efforts to close identified vulnerabilities. Vulnerability remediation tracking is an important component to any mature vulnerability management program. Too often known vulnerabilities are discovered, a report is sent to IT for review and remediation, and then a new high priority item comes in that takes attention away from the remediation effort. As mentioned previously, IT teams are resource constrained and this can lead to team members focusing on firefighting efforts rather than ongoing maintenance of IT systems. Having a strong governance function within an IT team ensures that operations can run smoothly and also ensures that known vulnerabilities will not be forgotten and turn into the next fire drill.