Security posture management challenges are driven by the growing attack surface. Organizations have accelerated cloud computing initiatives and have been forced to support a growing population of remote users as a result of the pandemic. Firms are also deploying new types of devices as part of digital transformation initiatives, further exacerbating the growing attack surface, leading to management challenges, vulnerabilities, and potential system compromises. Meanwhile, security teams are also concerned about recent cybersecurity issues including MS Exchange vulnerabilities and the SolarWinds hack. As a result, organizations are further assessing security posture management processes, examining vendor risk management requirements, and testing security more frequently. If you’re a security and risk management leader, the new ESG eBook is a must-read, so download the Security Hygiene and Posture Management eBook right now.
About the report: Understanding security hygiene trends
IT security teams continue to wrestle with managing the increasing number of endpoints and remote workers. There’s a growing need to secure the perimeter while simplifying the technologies that do so. New security approaches like SASE, XDR and zero trust have gained centerstage with the accelerated pace of digital transformation that bring down the walls between siloed security technologies.
To gain insights into these trends, ESG surveyed 398 IT and cybersecurity professionals at organizations in North America (US and Canada) personally responsible for evaluating, purchasing, and utilizing products and services for security hygiene and posture management space. The report shared survey findings and expert advice from conversations with your CISO peers and security practitioners to explore trends alongside tactical suggestions for how you can improve security hygiene and posture management to reduce complexity. ESG believes that CISOs should take a more comprehensive approach to security hygiene and posture management by adopting technologies and processes for discovering assets, analyzing data, prioritizing risks, automating remediation tasks, and continuously testing security defenses at scale.
Key highlights that have driven Cisco’s focus on risk-based security
- Vulnerability prioritization and patching decisions are driven by risk scores from a dedicated risk-based vulnerability management system.
- Gaining insight into asset exploitability, exposure, and impact on critical systems to understand the underlying business risk posed by critical visibility.
Is a risk-based approach an answer to your security problems?
The crux of the problem is the amount of data with which business are dealing. For example, the biggest vulnerability management challenge for nearly a third of ESG’s survey respondents is simply keeping up with the volume of open vulnerabilities within their environment. It’s not at all surprising; on average, organizations can only remediate about 10% of their vulnerabilities.
The Kenna Security branch of our family has been working this problem for over a decade: The “patch everything” mindset is a losing proposition. But the problem extends well beyond just vulnerability management alone—the “fix every and any security threat” mindset is likewise a losing proposition. But if you can’t remedy everything, where do you start? This is the risk-based approach at its core—taking an evidence-based methodology to evaluate the true risk of a vulnerability, threat, incident, etc. to your business. It is, in a nutshell, a data analytics solution to a security problem.
Assessing risk means considering two types of data: real-world attacker trends and the nature of your business environment. You need to be able to answer questions like, “Can this vulnerability be exploited in the wild?” as well as “How critical is the asset or device that the vulnerability is living on?” Vulnerability characteristics like exploitability or volume and velocity of exploitation, as well as device characteristics like exposure and priority become essential in the risk-based equation, because the more exploitable a vulnerability is or the more exposed an asset is, the higher the risk. But to facilitate all the equation, you must have the right technology to get all that data into one place–and then effectively act on it, too.
SecureX evolution: Adding new layers of defense
Many technologies share a common evolution and morph to create further technologies adept at solving problems at a much larger scale. Mature technologies are combined with cutting-edge innovation to meet newer and desirable outcomes. Continuing with our goal of providing our customers with increased visibility and management options, we’ve added another feature to our SecureX platform called device insights. It is designed to consolidate, discover, normalize, and work with your device inventory within SecureX to give your organization comprehensive endpoint inventory. You can keep track of device inventory counts and better understand the expanding and changing nature of your network. The device insights feature enables your organization to identify gaps in control coverage, build custom policies, and explore opportunities to make risk prioritized decisions for improving posture and security hygiene. Furthermore, endpoint searching, and reporting allows you to assess device security posture on employee-owned and contractor-owned devices—without risking business disruption. You’re empowered to stop threats before problems occur!
Download ESG’s Security Hygiene and Posture Management eBook to gain insight into how these trends will equip you to build a case for a platform approach to security — one that transforms the way your people, processes, and technology interact to deliver better outcomes.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Instagram
Facebook
Twitter
LinkedIn
Cisco keeps touting the virtues of “Device Insights” on their webpage, blog posts, YouTube channel… even going as far as using the past tense in the following quote from above:
“Continuing with our goal of providing our customers with increased visibility and management options, we have added another feature to our SecureX platform called Device Insights.”
Yet this functionality is still not available within SecureX. Last I spoke with my Cisco account team it was going to be at least May before the Device Insights functionality is generally available. Why does Cisco keep pushing this functionality as a solution and referring to it as if were available today when they are not able to deliver it for customer use?
Great news! As of today, device insights is GA. We think you’ll find that all of the incredible experiences we’ve been sharing from our Beta community in our content rings true in the live version. Check out more about the feature launch here: https://blogs.cisco.com/security/new-in-securex-device-insights?ccid=cc001528&oid=pstsc028903&dtid=oemzzz000233