There are three major challenges facing today's IT security team that impact their ability to provide a secure environment for their enterprise.
The first problem is the increasing proliferation of databases and web applications as Web 2.0 and more software solutions are being utilized throughout an enterprise. Today, we are seeing IT solutions being utilized to increase productivity and mission effectiveness. New technologies (such as cloud computing, web 2.0, and COTS\FOSS solutions) that provide data sharing between organizations are becoming prolific. As increases in IT investments continues, the complexity and sheer number of web applications, databases, servers and network device infrastructure have become a management challenge.
The second problem is the singular focus on server assets, with limited or stove-piped management of other asset types. The focus in the past has been on server inventory and configuration management concerns (ensuring that servers and network devices have proper settings) rather than cyber vulnerabilities. In addition to being unfamiliar with vulnerability analysis, organizations often implement several commercial cyber tools that are specific to each asset type. Vulnerabilities are then individually evaluated within a specific asset type, rather than from a more holistic, enterprise view. The analysis needs to shift its focus to what is most important to the entire IT enterprise, and not what is most important for an individual set of servers or databases. With the limited budget and resources available in many organizations today, the most critical vulnerabilities in the environment need to be identified and remediated quickly. Without an integrated view, the security team is challenged to identify the greatest threats to their mission or enterprise.
The third problem is the increasing number of vulnerabilities and threats, in an environment where the enterprise is constantly evolving. As new vulnerabilities are constantly being found by hacker organizations, it is a challenge for the security team to stay current on the most up-to-date software patches and cyber best practices. If only the vulnerabilities and threats were changing, then the problem would be daunting enough. However, new assets are being added to the enterprise on a routine basis, configuration changes are being made to support operations, and vulnerabilities are constantly being fixed; all of which contributes to a constantly changing baseline. All of these problems lead to a very reactive process that is time consuming, and as such doesn't effectively protect the enterprise environment.
There are two major goals of the vulnerability management process that cannot be met with a reactive process: the first goal is to keep the environment secure, and the second goal is to keep the environment compliant. With the stove-piped, complex, and time-consuming process that exists today, it is difficult to keep the enterprise environment secure and compliant.