Every battlefield commander understands the strategic necessity of reliable intelligence. Winning battles depends on accurately understanding enemies, their tactics and goals, weighing risks against potential damage, and deploying resources to mitigate or neutralize threats. Gathering information is just a starting point; the more important question is whether any of it is relevant or meaningful. Within all the chatter and noise, effective commanders discern the one percent of useful intelligence and follow through with action.
Every IT security professional knows that the battle to protect IT resources and data is fully engaged. In its 2012 Data Breach Investigations Report, Verizon registered 174 million compromised records for 2011, compared with 4 million compromised records reported in the 2010 findings. This suggests that cybercriminals – responsible in 98% of the cases – continued to automate and refine their attack methods.
The ongoing struggle to prevent hackers from breaching assets and malware from gaining a foothold requires a vulnerability management strategy that begins with a comprehensive measurement of security risk. Organizations must examine the entire IT stack, including the operating system, network, applications, and databases. The cycle of discovering assets, capturing and processing vulnerability data, identifying actual risks, testing and prioritizing mitigation tasks, and verifying effective controls grows more complex with every new technology that adds convenience but multiplies risk of a breach or incident. These new technologies include dynamic, virtualized environments and services outside traditional physical IT infrastructures, such as virtualized, cloud-based services and social networking.
Rapid7 addresses the need for dynamic, in-depth risk management with Security Risk Intelligence, a holistic approach to minimizing risk (Figure 1). It is based on a unified solution set that includes vulnerability management, penetration testing, and best practices. Security Risk Intelligence helps organizations detect vulnerabilities, prioritize risks, and validate threats in a closed-loop system.
This discussion begins with the need for effective risk management and a definition of the elements of risk. It then presents the advantages and strategic value of Rapid7 Security Risk Intelligence for your environment and illustrates its operation.