Vulnerability Management in the Work from Home Era
A Stanford study estimates that nearly half the U.S. labor force is working remotely due to COVID-19. While readers of this post are likely very cyber-aware, such a standard probably can't be applied to the millions of American employees logging in from factory setting or unsecured WiFi networks. Meanwhile, Information Systems Security Association (ISSA) recently published a report, “The Life and Times of Cybersecurity Professionals 2020” highlighting that almost half of the hundreds of global security and IT professionals surveyed believe that the widely acknowledged cybersecurity skills shortage has worsened over the past few years.
To sum- we have more risk and fewer qualified people to manage it.
Threat actors have already taken advantage of this new COVID playing field to exploit vulnerabilities. Cybersecurity practitioners need to be matching vulnerabilities with potential impact – and – likelihood of exploitation. Teams must be proactive and predictive.
Organizations can use CYR3CON's F.I.T. assessment to identify significant threats based on known vulnerabilities and actual Dark Web discussions in the threat actor community.
Jaquar Harris covers this in greater detail in a blog post here: https://blog.cyr3con.ai/vulnerability-management-in-the-work-from-home-era