Network Computing is part of the Informa Tech Division of Informa PLC

Avoiding a False Sense of Security: Page 2 of 3

What frustrates many IT administrators is the use of security assessment ratings as a job performance indicator. The rating describes the security posture of the network at the moment it was tested. It is not an audit finding that summarizes months of information or behavior on the network, and it is not an indicator, direct or indirect, of how well the IT staff maintains the network's security. It simply indicates how exposed the network was to exploitation at the time of the assessment. Even the raw count of vulnerabilities found can be a misleading measure of job performance.

An assessment run on one day may report no high or critical vulnerabilities and earn a good rating, while an assessment run the next day may report that every machine on the network has a critical vulnerability and is exposed to exploitation. All the second result shows is that, within the intervening 24 hours, a new vulnerability was published and the scanner gained a check that can test for it on the customer's network.

Was the vulnerability there the day before? Probably: most newly disclosed vulnerabilities turn out to have been present since the affected software or hardware was released. What did not exist the day before was public knowledge of how to exploit it, and a scanner check that could detect it. A scanner can only report the weaknesses it has a test for, so a clean result says as much about the scanner's plugin feed as about the network.

Network and computer security assessments are just one tool for measuring the security posture of a given network. Each network and organization is unique and must choose an acceptable level of risk for itself. The network assessment provides a single point-in-time reference for the security condition of the network, a snapshot. As long as new problems keep being found in software and hardware, whether through accidental discovery or deliberate searching, that point-in-time rating will keep fluctuating.

Over time, organizations should see older vulnerabilities being fixed on their networks and not being reintroduced when new devices are placed on the network. They should also see that when the posture of the network changes, the change has a recent and identifiable cause. Determining how well the organization responds to these changes in security posture is far more important than trying to keep the posture constant. Only by looking at what is causing changes in the rating can an organization truly understand whether its security program and posture are improving. Only by using vulnerability assessment as one tool in the overall evaluation of the network, and not as the sole measure, can network administrators make these critical determinations.
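The last two paragraphs argue that the useful signal is not the rating itself but the cause behind each change in it: a check the scanner only just acquired, a device that is new to the network, an old problem coming back, a genuine change on a known host, or a fix. The following Python script is an added example, not code from the article or from any particular scanner product, that diffs two point-in-time scans and labels every change with one of those causes. The host names, the P-xxxx plugin identifiers, the dates and the idea of a "fixed_before" memory of earlier remediation are all constructed assumptions; a real implementation would read them from the scanner's export and its plugin feed.

```python
"""Attribute changes between two point-in-time vulnerability scans to a cause.

Added example (not the article's own code). All hosts, plugin ids and dates
below are constructed sample data, not real scanner output.
"""
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Finding:
    host: str
    plugin_id: str   # scanner check id; the P-xxxx values below are made up
    severity: str    # "critical", "high", "medium" or "low"


@dataclass(frozen=True)
class Scan:
    run_on: date
    hosts: frozenset        # every host the scanner reached, vulnerable or not
    findings: frozenset     # Finding objects reported in this run


def classify_changes(prev, curr, plugin_published, fixed_before):
    """Sort the difference between two scans by probable cause.

    plugin_published maps plugin_id -> date the scanner gained that check.
    fixed_before is the set of (host, plugin_id) pairs closed in runs older
    than `prev`: the organisation's memory of what it has already fixed once.
    """
    changes = {k: [] for k in ("persistent", "fixed", "unreachable",
                               "new_check", "reintroduced", "new_host",
                               "regression")}
    previously_fixed_plugins = {pid for _, pid in fixed_before}

    for f in sorted(curr.findings, key=lambda x: (x.host, x.plugin_id)):
        if f in prev.findings:
            changes["persistent"].append(f)
        elif plugin_published.get(f.plugin_id, date.min) > prev.run_on:
            # The check did not exist last time; the flaw almost certainly did.
            changes["new_check"].append(f)
        elif f.plugin_id in previously_fixed_plugins:
            # An issue the organisation already fixed once is back, often on a
            # freshly built device imaged from an old template.
            changes["reintroduced"].append(f)
        elif f.host not in prev.hosts:
            changes["new_host"].append(f)
        else:
            # Known host, old check, absent last time: something changed on it.
            changes["regression"].append(f)

    for f in sorted(prev.findings, key=lambda x: (x.host, x.plugin_id)):
        if f in curr.findings:
            continue
        if f.host in curr.hosts:
            changes["fixed"].append(f)
        else:
            # Not scanned this run is not the same as remediated.
            changes["unreachable"].append(f)
    return changes


SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1}


def worst_severity(scan):
    """The 'rating' a single snapshot produces: its worst open finding."""
    return max((f.severity for f in scan.findings),
               key=SEVERITY_RANK.get, default="none")


# --- constructed sample data (assumed, not from any real scanner) ---------
PLUGIN_PUBLISHED = {
    "P-1001": date(2023, 5, 10), "P-2002": date(2023, 8, 1),
    "P-3003": date(2023, 11, 15), "P-4004": date(2022, 1, 1),
    "P-5005": date(2023, 12, 1), "P-6006": date(2023, 2, 2),
    "P-9009": date(2024, 3, 2),   # released the morning of the second scan
}
FIXED_BEFORE = {("app01", "P-3003")}   # closed in an earlier run on app01

PREV = Scan(date(2024, 3, 1), frozenset({"web01", "db01", "app01"}), frozenset({
    Finding("web01", "P-1001", "high"),
    Finding("db01", "P-2002", "high"),
    Finding("app01", "P-6006", "low"),
}))
CURR = Scan(date(2024, 3, 2), frozenset({"web01", "db01", "app02"}), frozenset({
    Finding("web01", "P-1001", "high"),      # still open
    Finding("web01", "P-9009", "critical"),  # new check, hits both hosts
    Finding("db01", "P-9009", "critical"),
    Finding("db01", "P-5005", "high"),       # old check, known host
    Finding("app02", "P-3003", "medium"),    # fixed on app01, back on app02
    Finding("app02", "P-4004", "low"),       # new device, new issue
}))


def report(prev=PREV, curr=CURR):
    """Return (rating before, rating after, change counts by cause)."""
    changes = classify_changes(prev, curr, PLUGIN_PUBLISHED, FIXED_BEFORE)
    counts = {k: len(v) for k, v in changes.items()}
    return worst_severity(prev), worst_severity(curr), counts


if __name__ == "__main__":
    before, after, counts = report()
    print(f"rating moved from {before} to {after}")
    for cause, n in counts.items():
        print(f"  {cause:12s} {n}")
```

On the sample data the headline rating drops from "high" to "critical" overnight, exactly the swing the article describes, yet the two critical findings are both "new_check": the scanner learned a test the morning of the second run, so they say nothing about what the IT staff did in between. The "reintroduced" and "regression" entries are the ones that reflect on the security program, and the "unreachable" bucket keeps a host that simply was not scanned from being counted as a fix.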