Cookie policy: This site uses cookies (small files stored on your computer) to simplify and improve your experience of this website. Cookies are small text files stored on the device you are using to access this website. For more information on how we use and manage cookies please take a look at our privacy and cookie policies. Some parts of the site may not work properly if you choose not to accept cookies.

sections
Home > Rapid7 > Leveraging Security Risk Intelligence: The Strategic Value of Measuring Real Risk
 

Leveraging Security Risk Intelligence: The Strategic Value of Measuring Real Risk

White Paper Published By: Rapid7
Rapid7
Published:  May 22, 2012
Type:  White Paper
Length:  11 pages

Every IT security professional knows that the battle to protect IT resources and data is fully engaged. In its 2012 Data Breach Investigations Report, Verizon registered 174 million compromised records for 2011, compared with 4 million compromised records reported in the 2010 findings. This suggests that cybercriminals - responsible in 98% of the cases - continued to automate and refine their attack methods.

The ongoing struggle to prevent hackers from breaching assets and malware from gaining a foothold requires a vulnerability management strategy that begins with a comprehensive measurement of security risk. Organizations must examine the entire IT stack, including the operating system, network, applications, and databases. The cycle of discovering assets, capturing and processing vulnerability data, identifying actual risks, testing and prioritizing mitigation tasks, and verifying effective controls grows more complex with every new technology that adds convenience but multiplies risk of a breach or incident. These new technologies include dynamic, virtualized environments and services outside traditional physical IT infrastructures, such as virtualized, cloud-based services and social networking.



Tags : 
security, risk management, security intelligence, security assessment, prevent data breach, cyber security, vulnerability management, penetration testing, data breach, breach