Threat mitigation is to a degree a specialist task involving cybersecurity experts, but the day-to-day work of threat mitigation often still comes down to systems administrators. For these sysadmins, however, it’s not an easy task. In enterprise IT, sysadmin teams have a wide remit but limited resources.
For systems administrators, finding the time and resources to mitigate a growing and constantly moving threat is challenging. In this article, we outline the difficulties of enterprise threat mitigation and explain why automated, purpose-built mitigation tools are the way forward.
Threat management is an overwhelming task
There is a range of specialists that work within threat management, but the practical implementation of threat management strategies often comes down to systems administrators. Whether it’s patch management, intrusion detection or remediation after an attack, sysadmins typically bear the brunt of the work.
It’s an impossible task, given the growing nature of the threat. In 2021 alone, 28,000 vulnerabilities were disclosed. The number is so large that a large proportion never got as far as being assigned a CVE. This is especially relevant in an industry laser-focused on tracking CVEs, testing for their presence on our systems and deploying patches that mention specific CVE numbers. You can’t protect against what you don’t know you’re vulnerable to. If a given vulnerability does not have a CVE attached, and all your tools, mindset and processes are focused on CVEs, something will fail. The reasons for not assigning a CVE to a vulnerability are many and outside the scope of this article, but none of them will reduce the work that has to be done in security.
Read more: https://bit.ly/3MNZdih