Imagine heading to the office on Monday morning. The company you work for has been breached during the weekend and it’s your responsibility to notify the board members. You scroll through the e-mails you received from the security engineers and it turns out that an attacker has successfully compromised the enterprise network.
You hear about security issues and breaches so often that you have almost stopped listening to it ..until you are targeted by an attacker. It is actually not that hard to raise the bar if everyone just would do the basic security measures we would not hear so much about security issues.
here are still serious exploits from 2010 that are not patched today...and even though solutions exists; a lot of organizations have not remediated those exploits why one should focus on Patch Management.
Data breaches are nowadays a common factor risk but there are ways to reduce the risk. Know your assets and get on top of your infrastructure, even if you have Signature-Based Defences and Content-Based Protection you still need to work with updating and patching your systems.
To work with Vulnerability Management is similar to preventing bad things to happen over time and is basically the exercise of limiting the chance of a breach by remediating vulnerabilities thereby reducing one’s overall risk level of being hacked.
If you look at your company network as a company car you know that every now and then you will have to drive the car to the motor vehicle inspection.
After the inspection you get a list of what type of defects the car has and how severe the defects are.