top of page
ICIT Research

The Modern Security Battlefield: What 2020 taught us about gaps in vulnerability management

Updated: Feb 12, 2023

PRIMER to ICIT VIRTUAL BRIEFING

With prolific security breaches such as SolarWinds dominating the news, organizations are daunted by the fear that they could be made infamous in the next major breach. Developing a mature and tightly connected security framework that enables the reduction of risk and improves security capabilities is more critical than ever. While 2020 was fraught with tragic outcomes of social and economic proportions, security teams have learned many lessons on resilience and have orchestrated many technical innovations to secure a distributed workforce. An expanded attack surface, defending against sophisticated multi-stage and multi-vector attack campaigns, and a pressing need to improve operational efficiencies have reframed digital transformation priorities. One important element to help address this challenge is having better automation tools that simplify remediation, provide an operational advantage, and improve security. But are these tools primed and ready to deliver the CISO with quick time to value, a comprehensive risk remediation plan to present to the Board, and assurance that the organization will maintain a mature vulnerability and risk management program that averts increasing attacks? A fresh approach to breach and attack prevention is needed to shift defense paradigms towards proactive security.


Read More


At the April 8, 2021, ICIT panel discussion, subject matter experts discussed the gaps that COVID 19 uncovered in current vulnerability management programs and why the combination of trustworthy security policy management and closed-loop vulnerability remediation will become the new citadel for securing large and increasingly complex enterprise networks.




ICIT VIRTUAL BRIEFING

Join us to learn the importance of integrating automation into full lifecycle vulnerability management:

  • Scoping your efforts to target vulnerabilities that matter

  • Using the ‘ex-factor’ of exposure analysis plus exploitability data to focus remediation efforts

  • Creating a cohesive web between existing security products to automate and deliver remediation from discovery to resolution

  • Developing a mature and tightly connected security framework that enables the reduction of risk and improves security capabilities

Panelists Include:

  • John Agnello, Chief, Development Branch at United States Cyber Command

  • Renee Wynne - former, CIO NASA

  • Steven Pruskowski, Security Test & Evaluation Lead, Cybersecurity and Infrastructure Security Agency



POST BRIEFING TAKE-A-WAY

The COVID-19 pandemic forced a mass migration to a distributed workforce. For many organizations, this exposed the shortcomings, inefficiencies, and vulnerabilities in their networked systems and processes. Many companies tried to plug the gap using automated tools to simplify remediation efforts, improve resiliency, and provide a competitive edge. However, if automated solutions lack the proper scoping and management mechanisms, they may not deliver the essential insights necessary to thwart an emerging attack. At the April 2021 ICIT virtual event, “The Modern Security Battlefield: What 2020 Taught Us About Gaps in Vulnerability Management,” panelists discussed the gaps that the COVID-19 pandemic uncovered in current vulnerability management techniques and why trustworthy security policy management and closed-loop vulnerability remediation are becoming the new citadel for securing complex, large, enterprise networks.


This ICIT Research Publication proposes a fresh approach to breach and attack prevention by focusing the Vulnerability Management Lifecycle on:

  • Discovery

  • Prioritization

  • Remediation

  • Oversight

Read the Full Whitepaper






ABOUT OUR THOUGHT LEADERSHIP INITIATIVE SPONSOR

Skybox provides the industry's broadest cybersecurity management platform to address security challenges within large, complex networks. By integrating with 130 networking and security technologies, the Skybox Security Suite gives comprehensive attack surface visibility and the context needed for informed action. Skybox Security serves retail, energy, defense, telecommunication, and government sectors worldwide.


bottom of page