Express Computer

Gartner: How to Manage Cybersecurity Threats, Not Episodes


By Jeremy D’Hoinne, VP Analyst at Gartner 

Today’s cybersecurity attackers pivot fast, leaving organizations scrambling to automate controls and deploy security patches to keep up, but such tactics don’t reduce future exposure. What’s needed is a continuous threat exposure management (CTEM) program that surfaces and actively prioritizes whatever most threatens your business. Creating any such program requires a five-step process.

Step No. 1: Scope for Reducing Cybersecurity Exposure

Start by scoping your organization’s “attack surface” — vulnerable entry points and assets — which extends beyond the focus of typical vulnerability management programs. Include not just traditional devices, apps and applications but also less tangible elements such as corporate social media accounts, online code repositories and integrated supply chain systems. 

Organizations looking to pilot their first CTEM initiative could consider one of the following two areas:

  • External attack surface, which combines a relatively narrow scope with a growing ecosystem of tools.
  • SaaS security posture, which has become an increasingly important area of focus as more remote workers have resulted in more critical business data being hosted on SaaS.

Step No. 2: Develop a Discovery Process for Assets and Their Risk Profiles

While many discovery processes initially focus on areas of the business that were identified during scoping (Step No. 1), they should proceed to identify visible and hidden assets, vulnerabilities, misconfigurations and other risks.

Confusion between scoping and discovery is often the first failure when building a CTEM program. The volume of discovered assets and vulnerabilities is not success in and of itself; it’s far more valuable to accurately scope based on business risk and potential impact.

Step No. 3: Prioritize the Threats Most Likely to Be Exploited

The goal of this process is not to fix every single security issue. Prioritization should factor in: 

  • Urgency
  • Security
  • Availability of compensating controls
  • Tolerance for residual attack surface 
  • Level of risk posed to the organization

The key is to identify the high-value assets of the business and focus on a plan of treatment that addresses them. 

Step No. 4: Validate How Attacks Might Work and How Systems Might React

First, confirm how attackers could exploit a vulnerability. Analyze all potential attack pathways to the asset and determine whether the current response plan is fast and substantial enough to protect the business. It is also key to get all the business stakeholders to agree on which triggers lead to remediation.

By 2026, organizations that prioritize their security investments based on a continuous exposure management program will be 3x less likely to suffer a breach.

Step No. 5: Mobilize People and Processes

You can’t wholly rely on the promise of automated remediation (though it might make sense for some obvious and unobtrusive issues). Rather, communicate your CTEM plan to the security team and to business stakeholders, and make sure it’s well understood. 

The objective of the “mobilization” effort is to ensure teams operationalize the CTEM findings by reducing any obstacles to approvals, implementation processes or mitigation deployments. In particular, document cross-team approval workflows. 
