MEMO

[date]
[Your name and course number/section]
[Opening Salutation]:
Overview
A robust vulnerability management (VM) process depends on the coordinated operation of several security functions that are critical to the organization. Mercury USA's concerns are the protection of customer information and proprietary business data, and the safe transport of dangerous loads and other hazardous materials. Part 1 of this memo recommends a VM process for Mercury USA, highlighting its major components and the recommendations that meet the company's business needs. Part 2 evaluates the vulnerability scanning tool that was used and makes a recommendation. Part 3 discusses, through a business case, the consequences of not implementing the recommended VM process.
Part 1: Vulnerability Management (VM) Process Recommendation
The main objective of the VM process at Mercury USA is to detect vulnerabilities and remediate them in a timely manner. The process consists of five stages: preparation, vulnerability scanning, definition of remediation actions, implementation of those actions, and a rescan to verify that the remediation worked.
In the preparation stage, the process should start with a small scope: a limited number of systems at Mercury USA and its transportation operations. The security officer should be involved in agreeing which systems are included in and excluded from the VM process, and the agreed scope should record, for each asset, the operating system, the machine, the network segment and the physical location. The initial vulnerability scans come next and should use the scanner's full range of reporting options, producing several reports that visualize the results. From these reports the risks faced by Mercury USA and its transportation operations are identified, together with the severity of each vulnerability found.
Vulnerability scans should run quarterly for low-risk assets and monthly for high-risk assets. Attackers scan externally exposed assets every day and build their own picture of the organization's weaknesses, so the organization needs automated assessments that identify vulnerabilities in its systems, networks and applications at least as regularly. Industry-standard scanning tools include Comodo cWatch, OpenVAS, Nexpose Community and Nikto.
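The following is an added example, not part of the original memo: a minimal tracker for the process described above. It applies the recommended cadence (monthly scans for high-risk assets, quarterly for low-risk) to an asset inventory and verifies remediation by diffing a baseline scan against the rescan, which is the last stage of the process. Asset names, dates and findings are constructed sample data, not Mercury USA systems; interpreting "monthly" and "quarterly" as 30 and 90 days is an assumption.

```python
"""Added example (not from the original memo): scan-cadence tracking and
rescan verification for a small VM process. All data below is constructed."""
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Assumption: "monthly" = 30 days, "quarterly" = 90 days.
SCAN_INTERVAL_DAYS = {"high": 30, "low": 90}


@dataclass(frozen=True)
class Asset:
    name: str
    risk: str                  # "high" or "low", agreed with the security officer when scoping
    last_scan: Optional[date]  # None = in scope but never scanned


@dataclass(frozen=True)
class Finding:
    host: str
    port: str
    test_id: str     # scanner test identifier (the NVT OID in OpenVAS); placeholders below
    severity: float


def overdue_assets(assets, today):
    """Return (asset, days_overdue) for assets whose last scan is older than their
    tier's interval; never-scanned assets come first (days_overdue=None), then the
    most overdue."""
    overdue = []
    for a in assets:
        if a.risk not in SCAN_INTERVAL_DAYS:
            raise ValueError(f"{a.name}: unknown risk tier {a.risk!r}")  # bad inventory fails loudly
        if a.last_scan is None:
            overdue.append((a, None))
            continue
        days_late = (today - a.last_scan).days - SCAN_INTERVAL_DAYS[a.risk]
        if days_late > 0:
            overdue.append((a, days_late))
    overdue.sort(key=lambda entry: (entry[1] is not None, -(entry[1] or 0)))
    return overdue


def rescan_diff(baseline, rescan):
    """Classify findings after remediation. A finding's identity is (host, port,
    test_id), not its severity, so a finding re-rated by a scanner update still
    counts as persisting rather than as remediated plus new."""
    key = lambda f: (f.host, f.port, f.test_id)
    before = {key(f) for f in baseline}
    after = {key(f) for f in rescan}
    return {
        "remediated": sorted(before - after),
        "persisting": sorted(before & after),
        "new": sorted(after - before),
    }


# Constructed sample inventory and scan results (placeholders, not real systems).
SAMPLE_TODAY = date(2020, 11, 1)
SAMPLE_ASSETS = [
    Asset("db-01", "high", date(2020, 9, 15)),
    Asset("web-01", "high", date(2020, 10, 20)),
    Asset("kiosk-03", "low", date(2020, 7, 1)),
    Asset("printer-02", "low", date(2020, 9, 1)),
    Asset("new-vm-04", "high", None),
]
BASELINE = [
    Finding("web-01", "443/tcp", "test-A", 7.5),
    Finding("web-01", "22/tcp", "test-B", 5.0),
    Finding("db-01", "3306/tcp", "test-C", 9.8),
]
RESCAN = [
    Finding("web-01", "443/tcp", "test-A", 7.5),   # still present: remediation failed
    Finding("db-01", "3306/tcp", "test-D", 6.5),   # new finding introduced since baseline
]

if __name__ == "__main__":
    for asset, days in overdue_assets(SAMPLE_ASSETS, SAMPLE_TODAY):
        state = "never scanned" if days is None else f"{days} days overdue"
        print(f"{asset.name:12} {asset.risk:5} {state}")
    for status, keys in rescan_diff(BASELINE, RESCAN).items():
        print(status, keys)
```

The rescan diff is the check that closes the loop: a finding that is still "persisting" after the remediation window means the implemented action did not work, and anything under "new" is a regression or newly published test that the next scan cycle must pick up.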
Part 2: Vulnerability Scanning Tool Evaluation and Recommendations
External scans were performed by a third-party penetration tester, authorized to assess the security posture and network of Mercury USA, using the free Open Vulnerability Assessment Scanner (OpenVAS). I consider OpenVAS an industry-standard tool. As an external scanner, its advantages are that it is a free, open-source vulnerability assessment tool, that it covers Common Vulnerabilities and Exposures (CVE) identifiers, and that it is built as an all-in-one scanner. Its drawbacks are that it supports fewer operating systems, does not offer policy management, and has smaller CVE coverage than some other industry-standard scanners. The tool's output is detailed and analytical in identifying vulnerabilities, and its reports provide enough detail to focus on the vulnerabilities that matter. The report clearly identifies the most critical vulnerabilities and provides a mitigation for each, which makes it suitable for management. I recommend that Mercury USA adopt the tool and distribute its reports automatically.
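As an added example (not from the original memo or from the OpenVAS project), the script below reads an OpenVAS/GVM-style XML report and turns it into the prioritized list the memo says management needs: most severe first, with the scanner's suggested solution, and informational "Log" results dropped. The XML is a constructed sample using a simplified subset of the report layout (result, host, port, nvt, threat, severity), which is an assumption about the format; the test OIDs and hosts are placeholders, not real vulnerabilities or Mercury USA systems.

```python
"""Added example (not from the original memo or the OpenVAS project): prioritize
an OpenVAS/GVM-style XML report for a management summary. SAMPLE_REPORT is a
constructed sample in a simplified subset of the report layout (assumption)."""
import xml.etree.ElementTree as ET
from collections import Counter

SAMPLE_REPORT = """<report>
<results>
  <result id="r1">
    <host>10.0.0.5</host><port>443/tcp</port>
    <nvt oid="1.3.6.1.4.1.25623.1.0.000001">
      <name>Placeholder: TLS service accepts a deprecated protocol version</name>
      <solution type="Mitigation">Disable the deprecated protocol version on the service.</solution>
    </nvt>
    <threat>Medium</threat><severity>5.3</severity>
  </result>
  <result id="r2">
    <host>10.0.0.7</host><port>3306/tcp</port>
    <nvt oid="1.3.6.1.4.1.25623.1.0.000002">
      <name>Placeholder: database server reachable with default credentials</name>
      <solution type="Mitigation">Set a strong password and restrict network access.</solution>
    </nvt>
    <threat>High</threat><severity>9.8</severity>
  </result>
  <result id="r3">
    <host>10.0.0.5</host><port>general/tcp</port>
    <nvt oid="1.3.6.1.4.1.25623.1.0.000003">
      <name>Placeholder: OS fingerprint</name>
    </nvt>
    <threat>Log</threat><severity>0.0</severity>
  </result>
  <result id="r4">
    <host>10.0.0.9</host><port>22/tcp</port>
    <nvt oid="1.3.6.1.4.1.25623.1.0.000004">
      <name>Placeholder: SSH server allows weak key-exchange algorithms</name>
      <solution type="Mitigation">Restrict KexAlgorithms to current, strong algorithms.</solution>
    </nvt>
    <threat>Low</threat><severity>2.6</severity>
  </result>
</results>
</report>"""


def parse_report(xml_text, include_log=False):
    """Return findings sorted by severity (highest first). 'Log' results are
    informational and are dropped unless include_log=True."""
    root = ET.fromstring(xml_text)
    findings = []
    for result in root.iter("result"):
        nvt = result.find("nvt")
        threat = (result.findtext("threat") or "Unknown").strip()
        if threat == "Log" and not include_log:
            continue
        try:
            severity = float(result.findtext("severity") or 0.0)
        except ValueError:
            severity = 0.0  # malformed severity: keep the result rather than drop the report
        solution = nvt.findtext("solution") if nvt is not None else None
        findings.append({
            "id": result.get("id"),
            "host": (result.findtext("host") or "").strip(),
            "port": (result.findtext("port") or "").strip(),
            "oid": nvt.get("oid") if nvt is not None else "",
            "name": ((nvt.findtext("name") if nvt is not None else None) or "").strip(),
            "threat": threat,
            "severity": severity,
            "solution": (solution or "No solution given").strip(),
        })
    findings.sort(key=lambda f: (-f["severity"], f["host"], f["port"]))
    return findings


def threat_counts(findings):
    """Headline numbers for management: how many findings per threat level."""
    return dict(Counter(f["threat"] for f in findings))


def management_summary(findings, top=3):
    """Plain-text summary: counts per threat level, then the top-N findings with solutions."""
    counts = ", ".join(f"{k}={v}" for k, v in sorted(threat_counts(findings).items()))
    lines = ["Findings by threat level: " + counts]
    for f in findings[:top]:
        lines.append(f"[{f['threat']} {f['severity']:.1f}] {f['host']}:{f['port']} "
                     f"{f['name']} -> {f['solution']}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(management_summary(parse_report(SAMPLE_REPORT)))
```

Sorting on the numeric severity rather than the threat label matters for the "focus on the correct vulnerabilities" point above: two findings can both be "High" yet differ materially in score, and a scheduled job that emails this summary after each scan is the automatic report distribution the memo recommends.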
Part 3: Business Case Example
An example of a company that did not implement the recommended VM process is Marriott International. The organization's risk remained high even with a reputable firewall, antivirus software and an intrusion detection system, because a misconfigured firewall was a major vulnerability and antivirus software only catches known viruses and trojan horses. The business experienced data exfiltration, intrusions and ransomware in the vulnerable parts of its systems and network. The VM process recommended here would identify all major critical vulnerabilities, provide a detailed mitigation for each, and be applied automatically and regularly so that the organization stays protected on an ongoing basis.
Closing
In conclusion, the most important component of the VM process is the vulnerability scan, and its key element is the scanning tool the company adopts. Given the business case, Mercury USA should implement the recommended mitigations to deal with its vulnerabilities and with cybersecurity attacks against the transportation sector. Adding security tools and running regular security scans will increase the overall security of Mercury USA and protect the organization against attacks, breaches and data loss.


Cybersecurity Threat Analyst
Mercury USA

References
Top 10 vulnerability assessment scanning tools. (2020, October 9). cWatch Blog. https://cwatch.comodo.com/blog/website-security/top-10-vulnerability-assessment-scanning-tools/
Farris, K. A., Shah, A., Cybenko, G., Ganesan, R., & Jajodia, S. (2018). Vulcon: A system for vulnerability prioritization, mitigation, and management. ACM Transactions on Privacy and Security (TOPS), 21(4), 1-28.
Kasprzyk, R., & Stachurski, A. (2016). A concept of standard-based vulnerability management automation for IT systems. Computer Science and Mathematical Modelling, (3), 33-38.