PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
January 2005

Vulnerability Mismanagement

POLICY & PROCESS You're just plugging holes if you don't have the right processes and policies. Scan, patch and scan again: It's a common process for finding and plugging security vulnerabilities. But, if this is your idea of vulnerability management, it's costing your company time and money without improving your security. Clearly, you need to implement a well-defined, repeatable process that gets the most out of your staff and protects critical business assets and applications. An efficient vulnerability management process can't be implemented without a solid foundation of essential resources, mechanisms, expectations and security policies. How do you determine where to focus your limited resources? Are your most critical assets also the most vulnerable? If you don't know the answers, you're not efficiently managing vulnerabilities--you're simply trying to plug holes as they appear. Without this foundation, you're doomed to work in reactive mode, with no way to validate budgets or measure performance, effectiveness or exposure...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue