Thinking Beyond Cybersecurity Vulnerability Assessments: What’s Next?

By Yan Aksenfeld. May 6, 2020

Having vulnerabilities isn’t always a bad thing. In personal interactions, for instance, being vulnerable can lead to deeper, more meaningful relationships.  

But we’re not talking psychology today. We’re talking cybersecurity. And when it comes to IT infrastructure, vulnerabilities are nothing but bad. The average cost of a data security breach is $3.92 million worldwide and $8.19 million in the US. And it’s estimated that cybercriminals will steal 33 billion records annually by 2023. Which is why most IT organizations conduct vulnerability assessments. 

What Vulnerability Assessments Can Do

You can’t fix what you can’t see. A vulnerability assessment or vulnerability analysis can reveal gaps in your company’s security defense and provide an overall picture of your security posture. Especially if you conduct scans on endpoints, and not just the perimeter. Which you must, because endpoints are the gateway into your organization’s network and sensitive information. With these scans, you’ll learn which data is particularly vulnerable and get help in prioritizing the security risks. 

There are a variety of vulnerability scanning tools that information security pros use to help detect threats from malware, distributed denial of service (DDoS), man-in-the-middle attacks, and the like. Because of false positives, as well as the need to ensure assessments are accurate, many organizations also do penetration testing. A penetration test checks whether a vulnerability really exists and helps prove that exploiting it can result in damage.

What Vulnerability Assessments Cannot Do

As critical as vulnerability analyses are, I think everyone would agree they’re not nearly sufficient to secure sensitive data from attackers. For one thing, they’re usually not done every day. Sometimes they’re conducted quarterly. Or, if companies are more on top of it, on a monthly basis. 

That’s not good enough, considering that zero-day malware accounted for half of all detections in Q3 2019, which was a whopping 60 percent increase over Q3 2018.

But no matter how strong your vulnerability management is, and what kind of visibility you get, it doesn’t prevent attacks or enable you to respond to them. It won’t stop end-users from unknowingly downloading malware onto their devices, especially when, for example, 83 percent of global organizations experience phishing attacks. And when 41 percent of companies let all their employees access more than 1,000 sensitive files. No wonder cybercriminals find their way to the corporate crown jewels.

Can You Block Cyber Criminals from Sensitive Data, Assuming an Endpoint will be Breached Sooner or Later?

Yes, by stopping them from using end-user devices as the gateway to your crown jewels. 

To do this, you can’t just look for security weaknesses that attackers have already taken advantage of on those devices. You need to take more proactive security measures. How? By securing the device operating system itself.  

Endpoint Operating System Isolation Stops Attackers in their Tracks

OS isolation contains endpoint attacks so that they can’t worm their way into privileged information. The technology, pioneered by Hysolate, splits a single physical endpoint into multiple virtual operating system environments. 

Hysolate uses a virtual air gap to separate the environments. This vGap is akin to having separate physical devices for privileged and non-privileged work, where there’s no way for cybercriminals to jump from one to the other.  

To mitigate security risks, dedicate one OS on each user’s device to sensitive data that must be kept free of potential threats like malware. Make it fully locked down. Use the other OS for general day-to-day work. It’s open to the internet and used for email and non-privileged information. If people try to use the wrong VM for a particular task, Hysolate automatically redirects them to the correct one.

Any cybercriminals who breach the general OS are completely contained within it. They cannot reach the privileged OS or even see that it exists. For added protection, security professionals can also configure that general OS to be non-persistent so that it’s wiped clean at specified intervals.

Want to future-proof your attack mitigation? Learn how Hysolate makes privileged access workstations a reality without restricting user experience. Start your free trial here.

About the Author

Yan is a Product Manager at Hysolate, bringing more than a decade of experience in the software, IT and cybersecurity industries in both software and customer-facing roles. He joined Hysolate in its first year as a senior sales engineer, the company’s first customer-facing role. Previously a software engineer and customer success lead in the VMware end-user computing business unit, Yan began his career in an IDF military intelligence unit, where he was an architect and tech lead on large-scale virtualization and IT projects. He holds a BSc degree in Computer Science and an MBA.
