Cyber-criminals know where your vulnerabilities lie, do you?

Sixty percent of security breaches are due to unpatched vulnerabilities, according to a 2019 cyber security survey by the Ponemon Institute.

This means they could have easily been prevented by a Vulnerability Management (VM) program, which helps organisations adopt a proactive approach to cybersecurity by identifying potential vulnerabilities so that they can be patched, before they become a problem.

As a core IT security requirement, vulnerability management helps IT teams to understand exactly what threats they face, and easily prioritize which ones to tackle first.

So, why are so many breaches caused by unpatched vulnerabilities?

According to Zaheer Yusuf, Pre-Sales Consultant – Information Security Services at CyberTech a division of Altron, most organisations do have VM programs in place – but they aren’t being run effectively enough. “It’s not something that can be done just a few times a year. The process of checking for vulnerabilities, patching them, and then retesting must be done regularly, and must be water-tight.”

“There are many reasons why in-house IT teams struggle to get this right, despite their best intentions, which is why we saw the need for a ‘Vulnerability Management as a Service” (VMaas) offering in the local market,” he notes.

Top reasons why it makes sense to outsource this function include:

1. Cybersecurity skills shortage

The global shortage of cybersecurity professionals is even worse in South Africa, where the most skilled professionals are often headhunted to join big multinational companies. This means cybersecurity professionals aren’t only hard to come by, but they’re expensive to employ and retain.

“When companies lose key security resources they are immediately put at risk, as their VM program is derailed and their systems are left vulnerable,” notes Zea Silva, Key Account Manager at CyberTech a division of Altron.

2. Increasingly complex requirements of cybersecurity

It’s almost impossible for one person – or even a small team of in-house cybersecurity experts, to keep up to date with every aspect of the ever-expanding cybersecurity ‘toolbox’ – from firewalls, to end-point protection, anti-virus and VPNs to name just a few.

Even a talented, multi-skilled professional would struggle to consistently stay on top of each discipline.

And, given the complexity of their day-to-day responsibilities, most in-house security teams will not have time to execute the continuous vulnerability monitoring which is necessary to avoid zero-day attacks.

3. Capacity requirements of the ‘Red team/Blue team’ approach

The ‘Red team/Blue team’ approach is based on the military strategy of creating teams to imitate attacks and other teams to defend them, thereby exposing weaknesses in the organisation’s cybersecurity defense.

It is incredibly effective but requires considerable capacity within the organisation if you don’t outsource one of the teams – as there must be enough team members for each team, all with the necessary skills and experience.

Says Yusuf “Aside from capacity, it just works better to have an external ‘Red team’ working with an internal ‘Blue team’, for governance reasons. As the saying goes, “you don’t mark your own homework,”

“Outsourcing your ‘Red team’ to do the scanning while your ‘Blue team’ then patches and the ‘Red team’ retests, gives your vulnerability management program an added level of integrity”.

4. Cost-effectiveness and flexible deployment models

Instead of the upfront CAPEX costs associated with purchasing software and licenses, outsourcing means companies pay a monthly fee to access premium support and flexible deployment models.

As managed service offerings become increasingly popular, it is important to choose the right partner – one with strong credentials and a good reputation, worthy of entrusting a critical part of your organisation’s cybersecurity framework to.

To conclude, Silva advises: “Make sure you choose a partner that offers a strong team of experts with years of experience, and a fully managed service that covers unlimited scans, mitigation planning and support, detailed analysis, streamlined reporting, and remediation guidance.”