There is a great article in the September 2018 issue of WIRED magazine titled “The Code That Crashed The World”. Authored by senior writer Andy Greenberg, it is “the untold story of the most devastating cyberattack in history”. The article is an in-depth examination of the rapid spread of the NotPetya cyber-invasion. In it, the author references and quotes a conversation between the CEO of a consulting firm and an energy company client. The quote was:
This struck a real chord with me. Too often we see this at our clients, although typically – and luckily – on a less destructive scale. That said, it is important to quickly and correctly implement mitigating security controls when significant gaps are found. Organizations should prioritize their remediation efforts when issues are identified. This includes researching the problems, developing detailed plans to address each of the issues, assigning the appropriate responsible person(s) to each step of the remediation plan and setting a specific timeline for each remediation plan to be completed based on the risk. At times, multiple types of remediation efforts will be required to fully address all identified issues and the corresponding risks.
An example of this would be making a quick configuration change immediately upon discovery of a finding, followed by a lengthier patch application that includes full change management testing before the patch is applied in the production environment. The process of identifying the issue and documenting a plan or plans to fix the problem is commonly referred to as the Issues Management process. A well-designed Issues Management process is important for all organizations to have, regardless of industry. All Cential consultants have over a decade of professional experience designing, quantifying and managing the Issues Management process. Within RSA Archer, we have been implementers, designers, configuration managers, and end-users of the Issues Management solution and the supporting use cases.
We can help your organization evaluate and design an effective and efficient process to manage your findings and remediation plans so you aren’t left lamenting that it is too late for security controls.
Contact Cential today!