My previous two posts covered the, and the 9 features and capabilities you should insist upon in a security assessment solution.
Now I’d like to address a conundrum I’m often asked about:
Since cyberattacks keep evolving, and the organization’s cybersecurity maturity level also keeps evolving, how can companies avoid constant, disruptive and expensive renovations to their security assessment solutions and processes?
The last thing your company wants to do, as it progresses up the maturity scale, is rip and replace its investments for assessing security vulnerabilities. The impact on ROI can be devastating—not to mention the impact on staff who might need to be retrained or forced to take on an even heavier workload.
So, what are the underpinnings of an adaptive assessment solution? There are 5 criteria:
Framework flexibility. Companies of all maturity levels are taking advantage of open, security frameworks such as
to set up a baseline measurement of security risks and test against the latest evasion techniques. However, as companies mature, these frameworks can become limited and restrictive in their ability to aggregate, correlate, and report on events and other data. Look for an assessment solution that can both support and integrate a variety of frameworks, so that data can be gathered and consumed flexibly as your maturity level grows.
Choice of assessment methods. There are many tools and techniques for assessing security vulnerabilities—from scanning to pentesting to risk assessments and remediation. You should be able to use any combination of them at any time, regardless of your maturity level, according to your business priorities. For example, you should be able to move from reactive pentesting to continuous, proactive assessments seamlessly, without scrapping previous investments.
Breadth of assessment capabilities. The assessment tools and solutions you choose should provide the broadest possible range of functionality, ideally incorporating all of the 9 features described in my previous post—from endpoint assessment to constantly updated threat intelligence to event correlation across the architecture, and more.
Advanced automation. Look for assessment solutions that can help you automate a wide range of previously manual tasks such as scheduling, polling, and reporting, so that skilled staff can spend more time on higher-value tasks. Regardless of your cybersecurity maturity level, higher productivity and job satisfaction greatly improve the ROI of your security investments.
Limited number of suppliers. To maximize efficacy and minimize cost and risk, you’ll want to constrain the number and variety of sources for security assessment tools and solutions to the lowest number possible—ideally a single source.
Adhering to these 5 criteria will help you minimize the disruption and growing pains as your maturity level increases, while maximizing the effectiveness of your security assessment capabilities. For details about Spirent’s uniquely flexible offerings, please read the executive brief about Spirent’s cybersecurity solutions.