In information technology, the term vulnerability management describes the process of identifying and preventing potential threats due to vulnerabilities, from compromising the integrity of systems, interfaces and data. Various organizations break down the management process into several steps, and the components of the process identified can vary. Regardless of such variation, however, those steps typically embody the following: policy definition, environmental establishment, establishing priorities, action and vigilance. Following the embodiment of each step provides information technology managers and security analysts with a core methodology that can effectively identify threats and vulnerabilities, while defining actions to mitigate potential damages. Objectively, the process of management is to understand those potential threats before they can take advantage of vulnerabilities in both systems and the processes involved in accessing those systems, or the data therein contained.
Policy definition refers to establishing what levels of security are required in regards to systems and data throughout the organization. Upon establishing those levels of security, the organization will then need to determine levels of access and control of both systems and data, while accurately mapping those levels to organizational needs and hierarchy. Thereafter, accurately assessing the environment of security based on the established policies is crucial to effective vulnerability management. This involves testing the state of security, accurately assessing it, while identifying and tracking instances of policy violation.
Upon identification of vulnerabilities and threats, the vulnerability management process needs to accurately prioritize compromising actions and states of security. Involved in the process is assigning risk factors for each vulnerability identified. Prioritizing those factors according to each risk posed to the information technology environment and the organization is essential to preventing disaster. Once prioritized, then the organization must take action against those vulnerabilities identified whether it is associated with removing code, changing established policies, strengthening such policy, updating software, or installing security patches.
Continued monitoring and ongoing vulnerability management is essential to organizational security, particularly for organizations that rely heavily on information technology. New vulnerabilities are presented almost daily with threats from a variety of sources both internally and externally seeking to exploit information technology systems to gain unauthorized access to data, or even launch an attack. Therefore, continued maintenance and monitoring of the vulnerability management process is vital to mitigating potential damages from such threats and vulnerabilities. Policies and security requirements both need to evolve to reflect organizational needs as well, and this will require continued assessment to make sure both are aligned to organizational needs and the organization's mission.