Network Security is a vital part of the Network Security operation within the IT Security environment. In recent times, malware and other network attacks have increased in frequency and sophistication. In parallel, digital migration has increasingly opened up network access to remote users, both internal and external to the organisation.
In the past, IT Security concentrated on users and devices but is increasingly transitioning to a focus on data access. IT Security is no longer the Cinderella operation in IT but now is a vital part of preserving the security of the organisation’s data.
Vulnerability testing is the process of regularly probing network defences to look for existing and new loopholes and gaps in network security that could be exploited by a third party for malicious purposes.
This requires that vulnerability testing is a fixed part of the network management programme of work.
Why is it important? And why should it be carried out regularly?
The main reason is that the security environment is very fluid and is always changing. New vulnerabilities are continually developed and deployed by hackers. They are also introduced with software upgrades or the installation of new applications. A business may change its business profile and become an attractive target for malicious network attacks.
That implies that the scope of vulnerability testing needs to be updated as these new threats emerge and that in turn implies that the network people need to know what these new vulnerabilities are.
It must be borne in mind that it’s not just the technical issues that vulnerability testing must look at. According to the FBI, user errors cause over 80% of all security incidents. There are security loopholes in user procedures, and they will need to be tested and updated to reflect the changing environment. A few years back, ransomware would not have figured in vulnerability testing, but it most certainly does today.
Regular Vulnerability Testing is needed to test network defences against new threats and attack vectors.
Regular Vulnerability Tests will include the following important elements:
-
A control check
Policies and procedures, controls and off-line tools and techniques need to be regularly reviewed and updated as necessary. It is important that they stay up to date and relevant.
-
Identifying and assigning priorities to new and existing threats
This procedure is very similar to the risk analysis carried out in Project Management. Existing and new threats are assessed for the likelihood of their occurring, the effects if they do and the costs of rectification. Sometimes it is more cost-effective to let them happen and sweep up afterwards. IT can then concentrate resources on preventing greater, perhaps business-critical threats.
-
Assessing the networks ability to cope with network-based attacks
DDoS and other denial of service attacks can be catastrophic, particularly for online businesses. If users cannot reach an online sales site or receive a substandard level of service, they will go somewhere else Regular vulnerability testing will identify where these types of attack could be successful and allow IT to bolster defences.
-
Security of individual devices, particularly key devices like routers and switches
It is unfortunate, but it is common not to change device management passwords and leave them at the manufacturer’s default. They must be changed regularly, and a secure list maintained. Again this is where a defined procedure in regular vulnerability testing will highlight insecure devices. New and replacement devices added to the network need to be chacked.
-
Use proprietary tools to look for known and potential threats and vulnerabilities
As might be guessed regular vulnerability testing is a strain on IT time and resources. The process can be greatly eased by using automated tools to assist with testing. If it is possible, schedule regular automated unattended tests. In some areas of high risk, the tool can be used continuously to monitor network safety and performance.
It is important, as with anti-malware software to make sure that the detection information is kept up to date.
The output from the regular vulnerability testing will include a list of the vulnerabilities uncovered and the recommended strategy to counter them. Over time, this will be a useful indicator of security trends.
Having a secure network is a non-negotiable fact of IT life. Vulnerability Testing is an excellent addition to the armoury of security tools.