All Research
Leadership Brief

Why don't you like this?

I like this
I don't like this

Prepare and Protect against Software Vulnerabilities

Mike Small
All software contains vulnerabilities that can be exploited by adversaries to attack the IT systems and data that organizations depend upon. It is essential that organizations have a vulnerability management process as part of their overall IT risk management to identify and control these. This leadership brief describes the vulnerability management process that organizations should implement.

1 Executive Summary

All software contains vulnerabilities that can be exploited by adversaries to attack the IT systems and data that organizations depend upon. It is essential that organizations have a vulnerability management process as part of their overall IT risk management to identify and control these.

A software vulnerability may result from an error in the coding or other factors that can be exploited to provide unexpected and unwanted functionality. Examples of this include a failure to check user input that allows a malicious actor to extract data (SQL Injection) and weaknesses that allow remote execution of commands on the affected systems (as in the recent Log4shell exploit).

Since late 2020, software supply chain attacks have risen to the top of the agenda in cybersecurity. Two major incidents, affecting software vendors SolarWinds and Kaseya, resulted in their customers receiving malicious software on their customers. By tampering with COTS (commercial off the shelf) software, attackers managed to multiply their attacks and gain access to thousands of other organizations.

This leadership brief describes the vulnerability management process that an organization should implement to:

  • Prevent the introduction of vulnerabilities.
  • Identify existing vulnerabilities and monitor the discovery of new ones.
  • Assess the impact of these on the business systems.
  • Implement the appropriate response in a timely manner.
Full article is available for registered users with free trial access or a paid subscription.
Log in
Become a Member and read on!
Create an account and buy a Membership package or use our 7-days free trial period to access this and 600+ other in-depth and up-to-date insights.
Register and request your 7-day free trial
Register
Already convinced? Check out our packages
Choose a package

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use