Prioritizing risk based vulnerability compliance for Financial Institutions


Record-Breaking Security Vulnerabilities in 2023

According to data from Statista, the amount of vulnerabilities recorded in 2023 hit a record number with 29,000 new vulnerabilities reported. This is a 16% increase since 2022 and a doubling since 2017. In the first week of 2024 there were 612 vulnerabilities reported.

This sheer volume of vulnerabilities being released, coupled with the growing costs of cybercrime, is stressing existing operations teams in keeping up with the volume. Doing everything was never possible, and now it’s not even aspirational. Prioritizing time to make the greatest impact is critical in maintaining a strong security posture.

The Challenge of Vulnerability Remediation

Telling teams to remediate vulnerabilities is like telling firefighters to put out forest fires in the southwest during summer. There are always fires; you will never get them all put out. Given budgetary and real-world resource constraints, what is the stack ranked importance of different priorities in which to invest resources for the maximum impact? This is critical as keeping up with this has become a full-time job as financial services seek to remain compliant and secure. It is not practical or possible to immediately address all vulnerabilities in a financial services company’s large heterogeneous IT environments. Prioritization of risk-based vulnerabilities is critical to ensure organizations can manage security risk while managing operational availability.

Cisco’s Impact on Vulnerability Management

Specifically, Fortune 500 financial services companies who use Cisco Vulnerability Management report an 82% reduction in high-risk vulnerabilities after Cisco Vulnerability Management provided a comprehensive view into the context of the vulnerabilities. This is done by tracking Common Vulnerabilities and Exposures (CVE) across the lifecycle, from initial creation to real-world exploitation. This analysis includes the following data sources:

  • Open-source databases such as MITRE and the NVD (National Vulnerability Database)
  • Other vulnerability scoring sources like IBM X-Force, Silobreaker, and unique research from renowned research teams
  • Early warning indicators derived from dark web sources, blogs, social media, and more
  • Exploit databases like Exploit DB, Metasploit, GitHub, and others
  • Malware analysis, utilizing data from ReversingLabs to determine if a particular CVE is frequently used by malware
  • Information on malware families and threat actors
  • Data on the volume and velocity of successful exploits observed in the wild

Significant Reductions in Remediation Efforts

Through using the Cisco Vulnerability Management approach, Mattel reported a 50% reduction in time spent on remediation. A global 500 hospitality company reported a 75% reduction in time spent on vulnerability investigation. And Charter reported a 75% reduction in time spent on reporting. Scaling the security teams to prioritized response maximizes the focus on the highest threats, and is the purpose of Cisco Vulnerability management.

Prioritizing with Volume and Velocity Data

The collection of volume and velocity data is particularly crucial for security teams seeking to prioritize vulnerabilities. While most vulnerability management vendors track binary yes/no indicators of exploitation, Cisco goes beyond that. Our data provides insights into the number of machines exploited by a specific CVE within the past 24 hours, allowing us to assess if a vulnerability is currently more risky compared to previous days.
All of this data is fed into Cisco Vulnerability Management’s machine learning model-based risk scoring, which incorporates our patented exploit prediction capabilities. The result is the Cisco Security Risk Score (formerly the Kenna Risk Score), which informs our customers about the level of risk associated with a vulnerability based on real-world attacker activity.

Integration with Existing Financial Services Tools

Another key value of Cisco’s Vulnerability management approach is the integration with existing tool sets that Financial Services use. Through expanding the capabilities of existing assets already in use, we create additive value to security teams in creating a complimentary solution that provides enumeration of risks from these other tools.

 

Key Features of Cisco VM specific to regulated financials

Cisco Vulnerability management helps financials focus their risk priorities to make the largest impact. It also helps financials in meeting regulatory requirements, such as those present in the PCI guidance and FFIEC regulatory requirements. Some of the areas Cisco VM can help financials meet regulatory requirements include:

  1. Risk-based Vulnerability Management: Financial institutions are required to manage and mitigate cybersecurity risks. Cisco’s platform uses advanced algorithms to analyze vulnerabilities based on the risk they pose, enabling financial institutions to prioritize and address the most critical threats first, which is often a requirement in financial regulations.
  2. Compliance Reporting: Regulatory bodies often require detailed reports on the security posture of financial institutions. Cisco’s platform can generate reports that demonstrate compliance with various regulatory standards, such as the Payment Card Industry Data Security Standard (PCI DSS) and others.
  3. Threat Intelligence: Cisco’s platform provides threat intelligence that can help financial institutions stay aware of the latest cybersecurity threats. This intelligence can be used to proactively prepare against against potential attacks, which is in line with the proactive stance expected by many financial regulators.
  4. Automated Asset Discovery: Tracking all assets within a financial institution is critical for compliance. Cisco’s solutions can automatically discover and inventory digital assets, ensuring nothing is overlooked in the vulnerability management process.
  5. Patch Effectiveness: Cisco’s platform not only helps prioritize which vulnerabilities to patch but also provides insights into the effectiveness of patches that have been applied. This helps ensure that remediation efforts are successful, essential for maintaining a strong security posture and compliance.
  6. Integrations with Other Security Tools: The integrations listed above are not only important to addressing security but critical for meeting reporting on, tracking, and meeting regulatory requirements. There isn’t one tool that by itself can solve for this, and the integration helps tools focused on audit understand the state of the vulnerability landscape.
  7. Continuous Monitoring: Regulatory requirements often mandate continuous monitoring for vulnerabilities and incidents. Cisco’s platform can continuously scan and monitor the environment, providing up-to-date information about the institution’s security state. Through partnerships, the continuous monitoring component can be even stronger and fit into a financial methodology.

Cisco Vulnerability Management is key to helping financials ensure they are getting the greatest impact out of their security activities through addressing prioritized threats, and ensuring compliance to regulatory requirements.

 

For more information on how Cisco can support your financial services needs,

explore all of our solutions at Cisco for Financial Services

 

Share:



Source link