The Enterprise Cyberthreat Gap

Vulnerabilities are operating system and application defects that enable attackers to remotely exploit systems. An exploit is software that takes advantage of security vulnerabilities to compromise a system.

Detection gap - This is the time between actual breach and discovery: have we been breached?

Response gap - This is the time from discovery to remediation to limit damage: how bad is it?

Prevention gap - This is the time to put preventative measures in place to avoid future attacks: can we prevent this from happening again?

How to handle Threat and Vulnerability Management in 4 steps

Discover threats and vulnerabilities - To discover threats and vulnerabilities, you should start with identifying and categorising the existing assets. The next step is to scan your system for vulnerabilities.

Analyse threats and vulnerabilities - Verify the discovered vulnerabilities against the inventory and prioritise and classify those risks.

Remediate or mitigate threats and vulnerabilities - Now you can apply patches, fixes and workarounds. After that, set the configurations of your system(s).

Verify threats and vulnerabilities - Last but not least, you should create an audit trail of the applied changes and make sure your Change Management is in order. The last step is a rescan to test the implemented patches.

Risk Mitigation

You should focus your remediation efforts on the highest risks and the most critical assets.
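
The analyse and verify steps above, together with this prioritisation rule, as an added example that is not part of the original page. The inventory, findings, function names and the scoring rule (severity multiplied by asset criticality) are assumptions made for illustration.

```python
# Added example: constructed data, hypothetical names, assumed scoring rule.

# Step 1 output (constructed): asset inventory with business criticality 1-5.
INVENTORY = {"db-01": 5, "web-01": 4, "build-01": 2}

# Constructed scanner findings: (host, finding id, severity 0-10).
# Finding ids are placeholders, not real identifiers.
SCAN = [
    ("web-01", "VULN-A", 9.8),
    ("db-01", "VULN-B", 7.5),
    ("build-01", "VULN-A", 9.8),
    ("lab-07", "VULN-C", 5.0),  # host missing from the inventory
]
# Constructed rescan taken after patching.
RESCAN = [("db-01", "VULN-B", 7.5), ("lab-07", "VULN-C", 5.0)]


def analyse(findings, inventory):
    """Step 2: check findings against the inventory, then rank by risk."""
    ranked, unknown = [], []
    for host, vuln, severity in findings:
        if host not in inventory:
            unknown.append((host, vuln))  # inventory gap: classify the asset first
            continue
        # Assumed rule: risk = severity x asset criticality.
        ranked.append((severity * inventory[host], host, vuln))
    ranked.sort(key=lambda r: (-r[0], r[1], r[2]))
    return ranked, unknown


def verify(before, after):
    """Step 4: compare the rescan with the original scan."""
    old = {(h, v) for h, v, _ in before}
    new = {(h, v) for h, v, _ in after}
    return sorted(old - new), sorted(old & new)  # (closed, still open)


if __name__ == "__main__":
    ranked, unknown = analyse(SCAN, INVENTORY)
    for risk, host, vuln in ranked:
        print(f"{risk:5.1f}  {host:9} {vuln}")
    print("not in inventory:", unknown)
    closed, still_open = verify(SCAN, RESCAN)
    print("closed:", closed)
    print("still open:", still_open)
```

The same finding ranks first on web-01 and last on build-01 because of asset criticality, and the lower-severity finding on db-01 outranks build-01 for the same reason.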

Detection - Targeted threat detection, zero-day and APT detection, exfiltration detection, threat analytics.

Response - Rapid investigation, prioritize and respond, automatically or manually isolate and remediate, forensics.

Prevention - Control, monitor and adjust, harden and reconfigure, reduce threat surface.


