Secunia CSI7
About us
Careers
Memberships
Newsroom
Contact us
Blog
News
Articles

New white paper: Securing a moving target

Get this blog as an RSS Feed
12:15 CET on the 29th June 2011
Entry written by Stefan Frei.

I am pleased to share with you our new white paper focusing on the interrelation between IT security, risk management, and compliance: ‘How to secure a moving target with limited resources - Effectively mitigating business risks while the evolution of threats blindfolds traditional defences.’

How can an organisation balance the need to patch systems with the risks it faces and the need for stability? Our research concludes the following:

  • Firstly, compliance does not imply security. Secondly, traditional defences have many limitations and can be bypassed.
  • Patching is a primary security measure as it eliminates the root cause of compromise.
  • It's all about quality not quantity. A comparison of two patching strategies shows that knowing what to patch pays off.
  • However, identifying critical programs to achieve risk reduction is like chasing a moving target.
  • Then the risk of a failed patch vs. the cost of extensive testing needs to be weighed up.
  • Research reveals that an 80% reduction in risk can be achieved by patching and identifying either the 12 most risky programs or the 37 most prevalent programs.
  • Organisations cannot be complacent though, because what works today may not tomorrow. Therefore a dynamic and tactical approach is needed.
  • 0-days are potentially paralysing external forces that are difficult to control. However, it's not all doom and gloom. Organisations hold the power to patch 65% of vulnerabilities on the day of disclosure firmly in their hands.
  • Can they afford to ignore the opportunity to significantly alter their threat landscape?

Overall, this white paper shows that organisations can do more with less. An intelligent patching strategy is an effective approach for reducing vulnerability risks, as well as for maximising operational efficiency with minimal costs.

You can download the white paper here.

I hope you enjoy reading it.

Stay Secure,

Stefan Frei, Research Analyst Director

Discuss this blog entry
A new thread in our forum is created. Activate the thread by commenting/discussing below.
Subject: New white paper: Securing a moving target
 
User Message
[+]

omaxpaull

RE: New white paper: Securing a moving target
This reply has been deleted

izattsolo

RE: New white paper: Securing a moving target
[+]
This reply has been deleted

-

You must be logged in to post a comment.



 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability