By Maria Eriksen Jensen
Are you aware of best practice for successfully managing and eliminating vulnerabilities in your IT infrastructure?
The new Research Brief report by Aberdeen Group, "Managing Vulnerabilities and Threats (No, Anti-Virus is Not Enough), presents interesting findings on this topic; it provides excellent guidance for organisations planning to establish, or replace, a security framework/process to safeguard productivity and profitability, and gives insights into best practice for top IT performers.
IT infrastructures – described in the report as "enemy-occupied territory" – are in danger. The number of vulnerabilities caused by insecure 3rd-party programs and plug-ins is increasing. Vulnerabilities are not just a one-off problem, they pose continuous risks that need to be anticipated, monitored, and remediated at all times. Being unprepared for IT security incidents can lead to catastrophic consequences such as unplanned downtime, loss of or exposure to sensitive data, damage to brand or reputation and reduced revenues, etc.
IT security risks are not being caused by the usual suspects anymore.
In order to exceed expectations and protect your organisation at the same time, Aberdeen Group recommends a continuous, multi-application process that covers the entire vulnerability management lifecycle. Patch management is revealed as a key differentiator.
According to Aberdeen Group: "Aberdeen refers to network firewalls, network vulnerability scanners, email security, web security, and anti-virus/anti-malware as baseline technologies: they are absolutely necessary, but by themselves they do not differentiate top performance. On the other hand, patch management and configuration/change management technologies are found to be stronger differentiators of Best-in-Class performance."
To read the full findings of the Aberdeen Group report, click here:
Maria Eriksen Jensen
Business Development Manager