BUILDING A VULNERABILITY MANAGEMENT FRAMEWORK: A PILLAR TO CYBER DEFENSE

Authors

  • Mukta Sharma, Sr. IT Compliance Analyst, Intercontinental Exchange, Virginia, USA
  • Krunal Patel, Lead Engineer, StitchFix, Virginia, USA

Keywords:

Cybersecurity, Incidents, Software, Threats, Vulnerabilities

Abstract

In today's landscape, digital innovation and transformation are occurring at a rapid pace, introducing the risk of vulnerabilities into systems. It is imperative for organizations to build robust cyber defense strategies to safeguard against potential threats. If exploited by attackers, these vulnerabilities can lead to significant financial, regulatory, and reputational losses. An effective vulnerability management program is essential for providing assurance that systems are being monitored and risks are being mitigated, thereby keeping attacks at bay. This paper explores a comprehensive vulnerability management framework that organizations can utilize as a starting point to build their programs, ensuring robust security and resilience against emerging threats.

Published

2024-08-16