What is a Vulnerability Assessment & What Does it Do
A Guide to Vulnerability Assessments
Adam Gleeson, Vendor Alliance Manager at CyberLab, offers insight into how cyber security vulnerability assessments can help businesses protect and improve their systems. He covers:
- Why do we need Vulnerability Assessments?
- What are internal vulnerabilities?
- What are external vulnerabilities?
UK businesses rely on technology every day and cyber criminals are constantly on the lookout for weaknesses in this technology to exploit.
The Verizon 2020 Data Breach Investigations Report is cited as showing that a UK business is successfully hacked every 19 seconds.
Businesses are clearly exposed, but there are practical steps a business can take to protect its systems. Read our blog titled Quick Wins to be Cyber Secure for more information.
Why do we need vulnerability assessments?
The software on our devices and IT infrastructure is constantly changing. Suppliers add new features, functionality, integrations, processes, and more.
These changes can introduce weaknesses. Flaws in the software itself, and misconfigurations in how it is deployed, are referred to as ‘vulnerabilities’, and a single one can expose your business to serious risk.
You might think it best to simply block changes, but that is also a risk: updates are often the very thing that fixes older vulnerabilities. The best protection is to reduce your vulnerabilities as far as possible, which makes the attacker’s job harder and more time-consuming.
One of the easiest ways to manage vulnerabilities is to scan for them regularly, so you can fix them before an attacker can exploit them.
Having the ability to check and identify these vulnerabilities is key to any business’ security strategy.
That is where a Vulnerability Assessment comes in. A Cyber Security Vulnerability Assessment is a way for businesses to check where they are most at risk.
This information is key to a business cyber security plan as it shows where actions are needed.
What are internal vulnerabilities?
Internal vulnerabilities are weaknesses in the systems that sit within your business. These can be weaknesses on servers, software, virtual infrastructure hosts, network hardware, or even storage arrays.
Vendors fix vulnerabilities by releasing ‘patches’ or ‘hotfixes’. Many products can apply these automatically (Microsoft Windows and Office are good examples).
Many others do not update automatically, or only do so when a user allows it. Software left on an old version in this way is one of the most common sources of internal vulnerabilities.
Phishing emails are designed to trick users into clicking a link that looks genuine and entering their details into a fake website. Users clicking such links is one of the most common ways attackers gain a first foothold. This is a weakness in people rather than in software, but it is still a route into your internal systems.
An internal vulnerability assessment is the most efficient way to identify these risks and decide what to remedy first.
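The core of the internal assessment described above (finding installed software that has fallen behind the version containing a fix, then ranking the results by severity so you know what to patch first) can be shown as a small script. This is an added example and is not CyberLab's own tooling; the advisory feed, the host inventory, the package versions and the ADV-nnnn identifiers are all constructed for illustration and are not real advisories or CVEs.

```python
"""Minimal internal vulnerability assessment: compare a software inventory
against known-fixed versions and rank what needs patching first.

Added example, not CyberLab's own tooling. The advisory feed and the host
inventory are constructed for illustration; the advisory IDs are
hypothetical and are not real CVEs.
"""
import re
from dataclasses import dataclass

SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1}


def parse_version(text):
    """Reduce '2.4.49-1ubuntu1' or '8.9p1' to a comparable tuple of ints.

    Anything after the leading dotted digits (distro suffixes, 'p1') is
    dropped, so '2.4.49-1ubuntu1' becomes (2, 4, 49).
    """
    match = re.match(r"\d+(?:\.\d+)*", text)
    if not match:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(part) for part in match.group(0).split("."))


@dataclass(frozen=True)
class Advisory:
    advisory_id: str   # hypothetical identifier, not a real CVE
    product: str
    fixed_in: str      # first version that contains the fix
    severity: str
    summary: str


# Constructed advisory feed (hypothetical issues, not real advisories).
ADVISORIES = [
    Advisory("ADV-0001", "openssh", "9.3", "high", "authentication weakness"),
    Advisory("ADV-0002", "apache-httpd", "2.4.51", "critical", "remote code execution"),
    Advisory("ADV-0003", "php", "8.1.0", "medium", "information disclosure"),
    Advisory("ADV-0004", "samba", "4.15.2", "low", "denial of service"),
]

# Constructed inventory: what a collector reported installed on each host.
INVENTORY = {
    "file-server-01": {"openssh": "8.9p1", "samba": "4.15.5"},
    "web-01": {"openssh": "9.6p1", "apache-httpd": "2.4.49-1ubuntu1", "php": "7.4.33"},
}


def is_affected(installed, advisory):
    """True when the installed version predates the version with the fix."""
    return parse_version(installed) < parse_version(advisory.fixed_in)


def assess(inventory, advisories=ADVISORIES):
    """Return findings, most severe first, then by host name."""
    findings = []
    for host, packages in inventory.items():
        for product, version in packages.items():
            for adv in advisories:
                if adv.product == product and is_affected(version, adv):
                    findings.append({
                        "host": host, "product": product, "installed": version,
                        "fixed_in": adv.fixed_in, "severity": adv.severity,
                        "advisory_id": adv.advisory_id, "summary": adv.summary,
                    })
    findings.sort(key=lambda f: (-SEVERITY_RANK[f["severity"]], f["host"]))
    return findings


if __name__ == "__main__":
    for f in assess(INVENTORY):
        print(f"[{f['severity']:8}] {f['host']}: {f['product']} {f['installed']} "
              f"< {f['fixed_in']} ({f['advisory_id']}: {f['summary']})")
```

Two things a practitioner should take from this. First, samba on file-server-01 produces no finding because it is already past the fixed version: an assessment is about what is exposed now, not about listing every advisory that ever applied. Second, the naive version comparison will produce false positives on Debian and Ubuntu style packages such as `2.4.49-1ubuntu1`, where the distribution often backports the security fix without raising the upstream version number; a real scanner therefore matches against distribution-specific advisory data rather than upstream version numbers alone, and anything this kind of script flags should be confirmed before it is reported.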
What are external vulnerabilities?
Another very common threat is automated botnets: networks of computers that an attacker has infected and now uses to launch attacks against organisations.
Botnets continuously scan internet-connected devices for vulnerabilities to exploit. When one is found, exploitation may follow automatically, or a human operator may take over and begin a targeted attack.
This is why it is important to keep checking your internet-facing interfaces, so that you are not vulnerable and do not show up on a botnet’s radar.
An external vulnerability scan does exactly this: it examines your external interfaces for weaknesses an attacker could use and identifies the risk so you can act before they do.
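As an added example of the external check just described (not code from CyberLab or from this page), here is how an engineer might triage the result of an external port scan: every open port on an internet-facing address is compared against the list of ports that host is supposed to expose, and services that should never face the internet are flagged regardless. The input is a constructed sample in nmap's grepable (-oG) output format using TEST-NET addresses, so it runs offline; the NEVER_EXPOSE policy and the per-host BASELINE are assumptions that a real organisation would agree for itself.

```python
"""Triage an external port scan against an agreed internet-facing baseline.

Added example, not CyberLab's scanner. The input is a constructed sample of
nmap "grepable" (-oG) output using TEST-NET addresses, so no network access
is needed. The policy tables below are assumptions for illustration.
"""
from collections import defaultdict

# Services that should never be reachable from the internet (assumed policy).
NEVER_EXPOSE = {
    23: "telnet", 445: "smb", 3389: "rdp", 5900: "vnc",
    3306: "mysql", 1433: "mssql", 6379: "redis", 27017: "mongodb",
}

# Ports each host is expected to present to the internet (assumed baseline).
BASELINE = {
    "203.0.113.10": {443},
    "203.0.113.11": {25, 443},
}

# Constructed sample in nmap -oG format (fields within a port entry are
# separated by '/', entries by ', ', columns by a tab).
SCAN_OUTPUT = """\
# Nmap 7.94 scan initiated (constructed sample)
Host: 203.0.113.10 ()\tStatus: Up
Host: 203.0.113.10 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1/, 443/open/tcp//https//nginx/, 3389/open/tcp//ms-wbt-server///\tIgnored State: closed (997)
Host: 203.0.113.11 ()\tPorts: 25/open/tcp//smtp//Postfix/, 443/open/tcp//https///, 8080/open/tcp//http-proxy//Jetty 9.4/\tIgnored State: filtered (997)
"""


def parse_grepable(text):
    """Return {host: [(port, proto, service, version), ...]} for open ports only."""
    hosts = defaultdict(list)
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue  # comments and 'Status: Up' lines carry no port data
        host = line.split()[1]
        ports_field = line.split("Ports:", 1)[1].split("\t", 1)[0]
        for entry in ports_field.split(","):
            fields = entry.strip().split("/")
            # port/state/proto/owner/service/rpc/version/
            if len(fields) < 7 or fields[1] != "open":
                continue
            hosts[host].append((int(fields[0]), fields[2], fields[4], fields[6]))
    return dict(hosts)


def triage(scan, baseline=BASELINE, never_expose=NEVER_EXPOSE):
    """Rank open ports: forbidden services are high, anything off-baseline is medium."""
    findings = []
    for host, services in scan.items():
        allowed = baseline.get(host, set())
        for port, proto, service, version in services:
            if port in never_expose:
                findings.append({
                    "host": host, "port": port, "severity": "high",
                    "reason": f"{never_expose[port]} should never be internet-facing",
                })
            elif port not in allowed:
                findings.append({
                    "host": host, "port": port, "severity": "medium",
                    "reason": f"{service or 'unknown'} {version} open but not in agreed baseline".strip(),
                })
    rank = {"high": 0, "medium": 1}
    findings.sort(key=lambda f: (rank[f["severity"]], f["host"], f["port"]))
    return findings


if __name__ == "__main__":
    for f in triage(parse_grepable(SCAN_OUTPUT)):
        print(f"[{f['severity']:6}] {f['host']}:{f['port']} {f['reason']}")
```

Comparing against a baseline is what turns a list of open ports into an assessment: port 443 on both hosts is expected and produces nothing, whereas the exposed RDP service and the two ports nobody agreed to expose are the items to action. A scan of this kind should be run from outside your own network so that it sees what a botnet sees, and the baseline should be kept under change control, otherwise every new finding is just noise.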