Cybersecurity risk management is the process of identifying an organization's digital assets, 检讨现有保安措施, and implementing solutions to either continue what works or to mitigate security risks that may pose threats to a business. 这种持续的 漏洞风险管理 (VRM) is crucial as the organization and the external threat landscape evolves.
VRM是所有业务操作的持续组成部分. New exploits are discovered, followed by patches released to fix them. New potentially vulnerable devices that increase the 攻击表面 频繁加入网络. This is especially true with the significant growth of Internet of Things (IoT) devices and sensors that are being placed in many physical locations.
网络攻击 不是随机的. If you know where to look, there are usually signs of a planned attack against an organization. Telltale markers of an imminent attack include mentions of the organization on the dark web, the registration of similar domain names to be used for phishing attacks, and confidential information - such as user account credentials - put up for sale.
许多组织没有维持持续的 漏洞管理(VM)程序 of their cybersecurity risk after they conduct a Cybersecurity Maturity Assessment and take initial steps to bolster security.
A cybersecurity risk management strategy implements four quadrants that deliver comprehensive and continuous 数字风险保护(DRP). DRP platforms use multiple reconnaissance methods to find, track, and analyze threats in real time.
使用这两种 妥协指标(ioc) and indicators of attack (IOAs) intelligence, a DRP solution can analyze risks and warn of attacks. 让我们来看看这四个象限:
Map - Discover and map all digital assets to quantify the 攻击表面. Use the map as a foundation to monitor cybercriminal activity.
Monitor - Search the public and dark web for threat references to your digital assets. 翻译发现了对可操作情报的威胁.
Mitigate - Automated actions to block and remove identified threats to digital assets. Includes integration with other security initiatives in place.
Manage - Manage the process used in Map, Manage, and Mitigate quadrants. Enriching IOCs and prioritizing vulnerabilities in this step is also essential to successful digital risk protection.
Implementing cybersecurity risk management ensures cybersecurity is not relegated to an afterthought in the daily operations of an organization. Having a cybersecurity risk management strategy in place also ensures that procedures and policies are followed at set intervals, 这种安全措施是不断更新的.
网络安全风险管理 provides ongoing monitoring, 识别, 以及减轻以下威胁:
Cybersecurity risk management is important because it helps a business assess its current cybersecurity risk profile. This informs decisions the security organization will make moving forward in order to reduce the level of risk and address vulnerabilities.
Cybersecurity risk management is also important because it helps to bring about situational awareness within a security organization. Simply put, analysts don't know what they don't know. Awareness is the ability to look at all the information available, 认识到什么是重要的, 并采取相应的行动.
It's essential to have a clear understanding of the risks in your organization and those that might arise in the future. You can assess awareness according to three distinct levels:
Cybersecurity risk management is the overarching umbrella under which specific kinds of security risk mitigations fall. 实施战略评估, identify, mitigate, and remediate vulnerability and risk is critical to every security organization operating on any level in any sector.
Learn about Rapid7's Cloud Risk Management Solution