Skip to content
11:11 Systems
Rethink Connected
11:11 Systems11:11 Systems
  • Why 11:11
    • Submenu
      • Column 1
        • 11:11 Systems Consulting
          Consulting Services
          Global Regions
          Cloud Regions
          11:11 Systems Security
          Security

      • Column 2
        • Cloud Console
          Cloud Console
          Catalyst
          Planning and Assessment
          Compliance
          Compliance

      • WHY CHOOSE 11:11
      • Overview
      • Leadership
      • News & Media
      •  
      • Careers
      • Technology Partners
      • Customer Stories
  • Products & Services
    • Products & Services
      • CLOUD
      • Cloud Overview
      • Public Cloud
      • Private Cloud
      • Object Storage
      • Cloud Labs
      • Colocation/Bare-Metal
      • BACKUP
      • Backup Overview
      • Veeam Backup
      • Microsoft 365 Backup
      • Managed Backup for Cohesity
      • Data Protection Services
      • DISASTER RECOVERY
      • DRaaS Overview
      • DRaaS for Veeam
      • DRaaS for Zerto
      • DRaaS for Azure
      • Managed Recovery
      • Cloud Recovery
      • Cyber Incident Recovery
      • Business Continuity Consulting and Services
      • Physical Infrastructure Recovery Services
      • SECURITY
      • Security Overview
      • Continuous Risk Scanning
      • Managed Detection and Response
      • Managed SIEM
      • Managed EDR
      • Managed Firewall
      • CONNECTIVITY
      • Connectivity Overview
      • SD-WAN
      • Multi-Cloud Connect
      • Managed IP
  • Solutions
    • Solutions Submenu
      • INDUSTRY
      • Education
      • Financial
      • Government
      • Healthcare
  • Partners
    • Partners Submenu
      • Overview
      • Become a Partner
      • Partner Portals
  • Resources
    • Resources Submenu
      • Events
      • Webinars
      • News & Media
      • White Papers
      • Podcast
      • Data Sheets
      • Customer Stories
      • Innovation Blog
  • Support
    • Support Submenu
      • Contact Support
      • Product Documentation
      • API Documentation
Search:
  • Console Login
  • Contact
Header Right Menu
Free Trial
  • Why 11:11
    • Consulting Services
    • Cloud Console
    • Cloud Regions
    • Planning and Assessment
    • Security
    • Compliance
    • WHY CHOOSE 11:11
    • Overview
    • Leadership
    • News & Media
    • Careers
    • Technology Partners
    • Customer Stories
    • Blog
  • Products & Services
    • CLOUD
    • Cloud Overview
    • Public Cloud
    • Private Cloud
    • Object Storage
    • Cloud Labs
    • Colocation/Bare-Metal
    • BACKUP
    • Backup Overview
    • Veeam Backup
    • Microsoft 365 Backup
    • Managed Backup for Cohesity
    • Data Protection Services
    • DISASTER RECOVERY
    • DRaaS Overview
    • DRaaS for Veeam
    • DRaaS for Zerto
    • DRaaS for Azure
    • Managed Recovery
    • Cloud Recovery
    • Cyber Incident Recovery
    • Business Continuity Consulting and Services
    • Physical Infrastructure Recovery Services
    • SECURITY
    • Security Overview
    • Continuous Risk Scanning
    • Managed Detection and Response
    • Managed SIEM
    • Managed EDR
    • Managed Firewall
    • CLOUD CONNECTIVITY
    • Connectivity Overview
    • SD-WAN
    • Multi Cloud Connect
    • Managed IP
  • Solutions
    • INDUSTRY
    • Education
    • Financial
    • Government
    • Healthcare
    • Column 2
  • Partners
    • Overview
    • Become a Partner
    • Partner Portals
  • Resources
    • Events
    • Webinars
    • News & Media
    • Whitepapers
    • Podcast
    • Datasheets
    • Customer Stories
    • Innovation Blog
  • Support
    • Contact Support
    • Success Center
    • API Documentation
  • Contact
  • Console Login
  • Free Trial
Tags: The NIST CyberSecurity Framework
Author: Brian Knudtson
Date: January 11, 2023

Risky Business: Managing Vulnerabilities by Prioritizing Risk

The key to protecting a network from cybercriminals is easier said than done: Build defenses around the areas said criminals are most likely to enter. Of course, these entry points aren’t always obvious — leaving our networks frighteningly vulnerable.  

The National Institute of Standards and Technology (NIST) defines a “vulnerability” as a “weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.” Identifying these vulnerabilities is an important step (in fact, it’s first key function of the NIST Cybersecurity Framework), but it cannot be the only step. Once identified, these vulnerabilities need to be protected. 

In today’s increasingly treacherous IT landscape, most people are familiar with the cybersecurity concepts of vulnerability scanning and penetration testing. Both are designed to pinpoint network vulnerabilities, so that better defenses can be built. Utilizing such tools can sometimes reveal an overwhelming number of vulnerabilities, especially on the first scan. The type of protection needed can vary depending on the vulnerability, but may rely on patching the affected system, blocking ports on a central or host-based firewall, changing ACLs on the network, or adjusting permissions on a server.  

Since many of these remediations not only require execution time, but also planning, and no company has infinite resources to address these vulnerabilities immediately, it’s important to prioritize the protection of these vulnerabilities. 

Traditionally, the easiest way to rank order vulnerabilities has been by CVSS score. The Common Vulnerabilities and Exposures (CVE) system provides a framework for announcing and scoring the potential impact of the vulnerability, then tracking them in a central database. As part of this system, the Common Vulnerability Scoring System (CVSS) is a standardized way for communicating the severity of a given vulnerability on a scale of 0.0 to 10.0. Based on several metrics, this score can help organizations prioritize vulnerabilities based on the ease and impact of exploiting the vulnerability. For example, the CVSS score of the original Log4j vulnerability (CVE-2021-44228) was a 10.0 (Reminder: The scale only goes to 10.0!) given the ease of exploitation and the ability to execute arbitrary payloads. 

The downside to relying solely on CVSS score is that it fails to reflect the ease and impact of exploiting a vulnerability in any given environment. Returning to the Log4j example: If that vulnerability only existed on isolated systems, in a privileged administration network with minimal access rights, it may not be as important to remediate as one on systems with the latest Remote Desktop Protocol (RDP) vulnerability (CVE-2022-26940) that are exposed to the Internet, despite registering a score of “only” 6.5.  

(Side note: Never expose RDP directly to the Internet. That is one definitively bad practice.) 

The prioritization of a lower CVSS vulnerability is because the risk of the Log4j vulnerability is relatively less than the RDP vulnerability to that specific environment. A compounding factor to the risk of a given vulnerability is if it is actively being exploited in the wild, so both factors should be considered in the prioritization of vulnerability remediation. 

Given the scale of today’s network environment and the number of vulnerabilities discovered each year — 28,695 in 2021, a new annual record — organizations need to have an automated way to discover and prioritize vulnerabilities based on the risk to their environment.  

Of all those new vulnerabilities in 2021, just over 4,100 can be exploited remotely, have a known exploit available, and can be patched. Applying knowledge like this can drastically reduce the priority list for remediation. Utilizing a tool like 11:11 Continuous Risk Scanning (CRS) gives customers that knowledge in a context that makes it clear what vulnerabilities put them at risk based on their own infrastructure and the likelihood of it being exploited. 

By approaching vulnerability remediation based on actual risk, organizations can be much more efficient when planning and executing their remediation plans, and thus achieve a more secure environment.

Categories: Cybercrime, Ransomware, SecurityBy Brian KnudtsonJanuary 11, 2023
Tags: The NIST CyberSecurity Framework

Author: Brian Knudtson

In his 20-year career, Brian has experienced many different perspectives of the IT industry. He has worked as a value-added reseller, vendor and service provider in roles in web development, system administration, post-sales deployment, pre-sales architecting, public cloud design and technical marketing. Currently, Brian is the Director of Cloud Market Intelligence at 11:11. He enjoys spending time with his wife and three kids. He is also heavily involved with the Destination Imagination program and has been a long-time member of the VMware community, notably starting the Omaha VMUG and putting on VMunderground at VMworld. You can find him online occasionally blogging at http://knudt.net/vblog and tweeting at @bknudtson.

Post navigation

PreviousPrevious post:How businesses can respond to IT disruptions during the holiday seasonNextNext post:11:11 Managed Connectivity Solutions

Related Posts

cyber threats, cyber attacks, cyberthreats, cyberattacks, cyber incidents, ransomware
As MGM Struggles Amid Ransomware Fallout, Data Recovery Lessons Abound
September 18, 2023
layered security strategy
Why a Layered Security Strategy Matters
September 11, 2023
Are You Cyber Recovery Ready?
September 7, 2023
protect your brand reputation from cyber-attacks, stay under the radar
“Flying Under the Radar:” How to Protect Your Organization’s Reputation
August 31, 2023
Managed NGFW
“Don’t be a “Holdover”: Is it time for a Next Generation Firewall?
August 22, 2023
Cloud Challenges
Spending, Security, and Expertise Are the Top 3 Cloud Challenges — But They Don’t Have to Be Yours
August 21, 2023
PRODUCTS & SERVICES
  • Cloud
  • Backup
  • Disaster Recovery
  • Managed Security
  • Connectivity Solutions
  • Compliance
COMPANY
  • Why 11:11
  • Customer Stories
  • Careers
  • Leadership
  • Technology Partners
  • News & Media
  • Contact Support
CLOUD REGIONS
  • North America
  • EMEA
  • APAC
CONNECT
  • LinkedIn
  • Twitter
  • Youtube

© 2023 11:11 Systems Inc., All Rights Reserved | Privacy Notice |

Go to Top

https://1111systems.com/wp-content/uploads/2023/04/HPE-video-for-1111-SKO.mp4

https://1111systems.com/wp-content/uploads/2023/04/Dell-Global-Alliance-video-for-1111-SKO.mp4