Depending on the context and use case, and on how the specific enterprise divides its structure to get things done, whether at the high level of governance, risk management and compliance (GRC), at the more operational level of threat and vulnerability management (TVM), or at the tactical level of threat intelligence feeds (TI feeds) or vulnerability management, there is a range of possibilities for carrying out sound threat and vulnerability management according to the enterprise lifecycle, the needs at a specific stage, and what is to come next.
Adopting emerging technologies too early, or investing too much ahead of time, may not make business sense, as the technology keeps changing at the speed of light. With the world's transition toward the endpoint protection platform (EPP), and the maturing of the respective solutions, the world is now moving toward unified threat and vulnerability management, as you can observe from the various vendors rolling out their offerings for it.
For enterprises that do not need a full solution, and are not particularly keen to adopt emerging technologies, you may wait and see. Since the component offerings cannot stray far from the modern established approach, it comes down to either a vendor acquiring more vendors to complete its offering, or developing it in house.
Before we go further, let's revisit the very core of the subject matter: risk, threat and vulnerability. In cybersecurity, risk refers to the potential for loss, damage or destruction of assets or data that have value. Threat refers to a negative event, such as a zero-day exploit or a vulnerability. Vulnerability refers to a weakness that exposes you to threats, therefore increasing the likelihood of negative events. So at a very high level, it is all about managing cyber exposure: from the very beginning, identifying assets, performing assessments with a risk score, and determining what to do next from there. This is the reason why each enterprise, beyond the technical management layer, looks to governance, risk management and compliance (GRC).
In the market no such thing as a bullet-proof solution really exists; do not be misled by the various vendor marketing statements. Each generation will have its main offering invented and then replaced by better product inventions. No matter how advanced a vendor claims its product to be, those on the GRC side cannot do all the things in TVM. They are designed to complement each other.
For some enterprises, maybe what is needed is just a generic vulnerability scanner to perform ad hoc, on-demand scanning and generate the vulnerability report as input for the higher-level GRC reporting. Different industries and sectors have very different needs and requirements. Some may require highly specialized threat intelligence feeds (TI feeds), while others just need the generic threat intelligence feeds on offer, such as open sources, or input from vulnerability assessment or penetration testing only. The same holds true for scanners: some enterprises just need generic vulnerability scanners, while others may need specialized web vulnerability scanners.
Another area that cannot be overlooked is modern unified endpoint protection across modern devices, from the traditional desktop, workstation and laptop to IoT devices, smartphones and tablets.
So the right way to implement threat and vulnerability management is to base it on your internal requirements first. It is pointless to refer to other enterprises that have completely different structures and face completely different challenges. Remember, all the tools and products offered in the market are just a means for you to execute what you want to do, and you should use them for the purpose at hand. You will be surprised to see how many enterprises are being misled into implementing endless new technologies and solutions, without realizing what they really need and want.
E-SPIN Group, in the business of enterprise ICT solution supply, consultancy, project management, training and maintenance for corporations and government agencies, does business across the region and via the channel. Feel free to contact E-SPIN for your project requirements and inquiries.