Cybersecurity Tip of The Day #8

Having issues with vulnerability management? Limit your scope to critical infrastructure and work your way outward from there.

Vulnerability management can be one of the most difficult programs to run, often times netting very little return on your investment. A common mistake made is the desire to scan all systems and report on them day one. This is a likely recipe for failure.

Instead, step into this kind of program slowly. Inventory and classify your most critical infrastructure first. Assign agreed-upon system owners and make them aware of your intentions and expectations, then begin scanning and reporting.

Now you've created a scenario of needing to scan and chase down only 5% of the vulnerabilities you previously were, all while doing so on the most critical assets in need of protection. Slowly work your way outward to other systems and devices from here, handfuls at a time, until you achieve your overall goal.

#cybersecurity #vulnerability