A Vulnerability Alert Management Policy (VAMP) is created within an organization to establish consistent rules for the review, evaluation, application, and verification of system updates to alleviate vulnerabilities in one’s environment and the risks associated with them. This process sets out goals and timing around applying patches to address critical vulnerabilities within your environment. Applicable vulnerability alerts, discovered via threat hunting, vulnerability alert services, and security assessments, require an appropriate, timely, repeatable, and documented response in order to prevent damage to a company’s systems, goodwill, and ultimately their reputation.
A Business’s vCISO and MSP typically provide oversight on vulnerabilities and critical issues through many online sources including cybersecurity email lists, forums like CISA and Microsoft, and even government agency alerts (FBI, NSTAC, and NSA) are reviewed as needed.
Security alerts must be reviewed and assigned to a 3-point criticality scale, defined below and based upon established classifications within the cybersecurity industry. Your cybersecurity lead is responsible for escalating, reviewing, recommending a course of action, and then tracking the resolution and mitigation of each critical vulnerability alert.
What does this mean for an SMB?
- Written Information Security Policy (WISP)
- Information Handling Policy (IHP)
- Password Policy (PP)
- Acceptable Use Policy (AUP)
- Cybersecurity Incident Management Process (CIMP)
Other Cybersecurity Best Practices
There are other actions you should take to protect your business from other attacks and harm including:
- Adopt a password manager for better personal/work password hygiene
- Require two-factor authentication on any SaaS solution or critical accounts
- Require 14+ character Passwords in your Governance Policies
- Train employees to spot and avoid email-based phishing attacks
- Check that employees can spot and avoid phishing emails by testing them
- Backup data using the 3-2-1 method
- Incorporate the Principle of Least Privilege
- Perform a risk assessment every two to three years
For more info, watch this X min video on Cybrary Term.
CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like:
- Cybrary (Cyber Library)
- Press Releases
- Instructional Videos (HowTo) – very helpful for our SuperUsers!
Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.