In the webinar, "Detecting the Bear in Camp: How to Find your True Vulnerabilities", Jesika McEvoy and Ryan Poppa discussed what it takes to be successful in a vulnerability-centric world. Many companies fall short on remediation because they spend too much time trying to scan everything and find every vulnerability. Jesika and Ryan shared best practices for avoiding this mistake and focusing on the remediation that matters most to your organization's vulnerability management program. Read on for the top takeaways from this webinar:
1) Simply Communicate – Good communication can't be overvalued – not just within your own team, but across all remediation teams, leadership, auditors, and more. Handing out large, general vulnerability reports won't drive any progress. Never distribute information without context. Deliver results in a targeted, actionable format to the teams they are relevant to (i.e. desktop results to the desktop team, network results to the network team, etc.). The steps you hand out must be actionable, so that a repeatable process is created and teams have a clear idea of how to build a solid plan for getting the remediation done right. Be able to give a summary to the business leaders who own the different remediation teams, so they can coordinate, drive, and prioritize tasks as needed.
2) Set Clear-Cut Goals – Set goals that drive remediation and success. Incorporate your process into the overall workflow at your organization on a predictable cadence that teams can come to expect, and include assignment dates for accountability. It's up to you to understand where your greatest risks are when formulating goals. Think about where your focus needs to be to get the best bang for your buck when reducing risk at your organization. Progress can be big and sweeping, or small and incremental, as long as the importance and impact of each change is communicated and understood across teams.
3) Measure & More – Be able to prioritize assets, measure overall success, and demonstrate that success to others. Have a standard that is easy to measure against and that provides visibility into what is being accomplished overall, and into where your organization may need to invest in security and training to drive improvement. If progress isn't being made on a certain team, find out whether the cause is lack of attention or an overloaded team. Where possible, introduce some friendly competition between remediation teams so each can see whether and where it is improving and how it contributes to the organization's overall progress.
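The three takeaways above are process advice, but each has a mechanical core that a small script can show. As an added illustration that is not from the webinar, from Rapid7, or from its products, the Python below routes raw scan findings to the owning team (takeaway 1), attaches a due date derived from a severity SLA so every item carries an accountability date (takeaway 2), and builds a per-team scorecard with overdue counts and percent remediated that can be measured against (takeaway 3). The asset-tag-to-team map, the SLA day counts, the reference date and the sample findings are all constructed for the example; findings whose asset has no owner land in an "Unassigned" bucket so they stay visible rather than silently dropping out of the report.

```python
"""Route scan findings to owning teams, attach SLA due dates, and score progress.

Added example (not from the webinar or Rapid7). All data below is constructed.
"""
from collections import defaultdict
from datetime import date, timedelta

# Assumed remediation SLA in days per severity (illustrative values).
SLA_DAYS = {"critical": 7, "high": 30, "medium": 90, "low": 180}

# Assumed mapping from an asset tag in the scan output to the team that owns it.
TEAM_BY_ASSET_TAG = {"desktop": "Desktop", "server": "Server", "netdev": "Network"}

# Constructed reference date for deciding what is overdue.
TODAY = date(2024, 6, 1)

# Constructed sample scan output: one dict per finding. 'fixed' is None while open.
SAMPLE_FINDINGS = [
    {"id": "F-1", "host": "ws-101", "tag": "desktop", "severity": "critical",
     "title": "Outdated browser", "found": "2024-05-01", "fixed": None},
    {"id": "F-2", "host": "ws-102", "tag": "desktop", "severity": "high",
     "title": "Missing OS patch", "found": "2024-05-20", "fixed": None},
    {"id": "F-3", "host": "ws-103", "tag": "desktop", "severity": "medium",
     "title": "Weak TLS config", "found": "2024-03-01", "fixed": "2024-04-10"},
    {"id": "F-4", "host": "srv-01", "tag": "server", "severity": "critical",
     "title": "Unpatched web server", "found": "2024-05-28", "fixed": None},
    {"id": "F-5", "host": "srv-02", "tag": "server", "severity": "high",
     "title": "Default credentials", "found": "2024-04-01", "fixed": None},
    {"id": "F-6", "host": "sw-01", "tag": "netdev", "severity": "medium",
     "title": "SNMP v2 enabled", "found": "2024-02-01", "fixed": "2024-03-01"},
    {"id": "F-7", "host": "prn-07", "tag": "printer", "severity": "high",
     "title": "Exposed admin page", "found": "2024-05-25", "fixed": None},
]


def route_findings(findings, today=TODAY):
    """Group findings by owning team; attach an SLA due date and a status.

    Status is 'fixed', 'overdue' (open and past due) or 'open'.
    Unknown asset tags go to 'Unassigned' so ownership gaps are visible.
    """
    by_team = defaultdict(list)
    for f in findings:
        team = TEAM_BY_ASSET_TAG.get(f["tag"], "Unassigned")
        due = date.fromisoformat(f["found"]) + timedelta(days=SLA_DAYS[f["severity"]])
        if f["fixed"]:
            status = "fixed"
        elif today > due:
            status = "overdue"
        else:
            status = "open"
        by_team[team].append({**f, "due": due.isoformat(), "status": status})
    return dict(by_team)


def team_scorecard(routed):
    """Per-team metrics: total, fixed, overdue and percent remediated."""
    cards = {}
    for team, items in routed.items():
        total = len(items)
        fixed = sum(1 for i in items if i["status"] == "fixed")
        overdue = sum(1 for i in items if i["status"] == "overdue")
        cards[team] = {
            "total": total,
            "fixed": fixed,
            "overdue": overdue,
            "pct_fixed": round(100 * fixed / total) if total else 0,
        }
    return cards


def actionable_report(routed, team):
    """Open items for one team, worst severity first, then earliest due date."""
    order = {"critical": 0, "high": 1, "medium": 2, "low": 3}
    items = [i for i in routed.get(team, []) if i["status"] != "fixed"]
    items.sort(key=lambda i: (order[i["severity"]], i["due"]))
    return [
        f"{i['status'].upper():7} {i['severity']:8} {i['host']:8} "
        f"due {i['due']}  {i['title']} ({i['id']})"
        for i in items
    ]


if __name__ == "__main__":
    routed = route_findings(SAMPLE_FINDINGS)
    for team, card in sorted(team_scorecard(routed).items()):
        print(f"{team:10} {card}")
    print()
    print("\n".join(actionable_report(routed, "Desktop")))
```

The scorecard is what leadership sees; the per-team report is what a team lead acts on. Hand the Desktop team only its own lines, and raise the "Unassigned" bucket with whoever owns asset inventory, since a finding nobody owns never gets fixed.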
For the in-depth view of how to improve remediation and optimize your vulnerability management program (and for some great bear analogies): view the on-demand webinar now.
Learn more on this subject and all things security all summer long at Rapid7's free Security Summer Camp.