• Partners
  • Contact Us
  • Client Support
Coretelligent
  • About
    • Why Choose Coretelligent As Your Managed Service Provider?
    • Core Values
    • Leadership
    • Testimonials
    • Careers
  • Solutions
    • Overview
    • IT Planning & Strategy
    • Comprehensive IT Support
    • Security & Compliance
    • Unified Cloud Management
    • Backup & Disaster Recovery
    • Co-Managed Services
  • Industries
    • Overview
    • Financial Services
    • Real Estate
    • Life Sciences
    • Technology
    • Professional Services
  • IT Resources
    • Resource Library
    • Blog
    • Events
    • Press Releases
    • Media Coverage
  • Contact
  • Search
  • Menu

Insights Articles

Our Information Technology Views and Articles

Think About IT: Vulnerability Management

Insights
September 14, 2020

Thoughts from Coretelligent’s Chief Technology Officer, Chris Messer

IT is an ever-changing field, and the reality is IT isn’t top of mind with many of our clientele. Nor should it be. That’s our role – to come in, evaluate, update, remediate, and think proactively for growing businesses. That way, you have the time and resources to focus solely on your day to day operations.

Vulnerabilities, Everyone has Them

Your vulnerabilities are one of our top priorities. They can come in many different forms- from technical weaknesses, including issues with software and hardware or misconfigurations of systems, to human behavior and process-based vulnerabilities.

Believe it or not, risky user behaviors are some of the top vulnerabilities. With COVID and remote work, we’ve seen an uptick in phishing and malware related schemes. In general, attackers are trying to take advantage of people’s fear and uncertainty around COVID. In addition, Biotech firms are being targeted at a higher rate because of their COVID research.

We are also seeing account-based vulnerabilities, where attackers are using stolen passwords. Once they capture one user’s information, they compromise your email and then work their way through the organization. If we look at Marriott’s breach from February of this year, stolen credentials resulted in an attacker having access to the information of 5.2 million guests. It’s possible attackers obtained those credentials through phishing emails.

No matter what category a vulnerability falls under, it’s a weak point that cybercriminals can exploit. One vulnerability is all an attacker needs to breach your system. That’s why it’s critical to have risk and vulnerability programs in place.

How Should You Address These Vulnerabilities?

Every company should invest in a robust vulnerability management program. You need to have a foundation in place that incorporates procedures and policies that identify, evaluate, and address vulnerabilities. Although email and stolen credentials have been the two most common attack vectors, COVID and remote work have exacerbated these attacks.

In terms of email and phishing, remember if an email looks suspicious, it probably is. Businesses should have frequent and repeatable security awareness training in place to keep end-users up-to-date and aware of current threats. Conduct phishing campaigns to test or validate that awareness training is effective. Remind users not to provide their information, download attachments, click on links, or forward emails that could be malicious. If something feels off or looks strange about a vendor email or pop-up, trust your gut. Check with IT or your MSP before taking action.

With account-based threats, implement solutions like multi-factor authentication (MFA), which requires a code in addition to a password. If a user’s credentials become compromised, MFA could protect your company from a breach. Make sure users are adhering to corporate password policies. They should not be rotating or reusing passwords.

Businesses need to continually train and retrain employees on best practices and company policies. You need to continuously go through your vulnerability management program to identify and remediate issues. If you are interested in learning the more technical aspects of vulnerability management, check out our Vulnerability Management Guide: https://coretelligent.com/it-resources/guide-to-vulnerability-management/

Vulnerabilities: Why Care? Your Bottom Line.

There will always be new vulnerabilities that affect your systems. That’s why organizations must have a vulnerability management program that continuously addresses risks. When an attacker exploits your vulnerabilities, it affects your bottom line. A successful breach can cause data loss, monetary loss, loss of reputation, and possibly closure of your business.

Managing Vulnerabilities with White Glove IT

At Coretelligent, we understand that your time is valuable and best spent focusing on organizational objectives. Our job is to ensure that your IT solutions are proactively aligned with your current and future business goals. Vulnerability management is a constant process that requires regular maintenance and monitoring. That’s why we recommend CoreArmor in addition to remote support. CoreArmor provides the active monitoring and human analysis needed to continuously assess and treat vulnerabilities.


About Chris

Chris Messer, Chief Technology Officer at CoretelligentAs Chief Technology Officer, Chris Messer is a transformational and strategic IT leader who establishes and leads Coretelligent’s technical vision and technological development.

Click here to learn more about Chris.

by Jen Wallace
« Upgrading to Modern GxP Solutions for Validated EnvironmentsImpacts of COVID-19 on Cybersecurity »

Latest Insights / Articles

May 18, 2022

The Dangers of Data Exfiltration in Cyber Attacks

April 28, 2022

3 Things Your CISO Wants You to Know About Risk Management

April 25, 2022

Understanding Common Vulnerabilities Facing Life Sciences

April 25, 2022

10 Questions to Ask a Potential Managed IT Service Provider

Read our Latest Resources
Best Practices for Safeguarding Against Critical Cyber Threats

Safeguard Against Critical Cyber Threats

Download Now
Strategic IT Planning

Paving the Road to Success with Strategic IT Planning

Download Now
Solving Cybersecurity for Financial Services On-Demand Webinar

Solving Cybersecurity for Financial Services On-Demand Webinar

Download Now

About

  • Why Choose Coretelligent As Your Managed Service Provider?
  • Core Values
  • Leadership
  • Testimonials
  • Partners
  • Careers

Solutions

  • Overview
  • IT Planning & Strategy
  • Comprehensive IT Support
  • Security & Compliance
  • Unified Cloud Management
  • Backup & Disaster Recovery
  • Co-Managed Services

Industries

  • Overview
  • Financial Services
  • Real Estate
  • Life Sciences
  • Technology
  • Professional Services

Contact

Sales & Support: 1-855-841-5888

Email: info@coretelligent.com

Support Service Center

Let’s Talk

Schedule a no-obligation consultation.

Contact Us Today

Locations

Atlanta

Boston

Chicago

Dallas

Houston

Los Angeles

Maryland

New York

Philadelphia

Portland

San Francisco

Stamford

Tampa

Washington, D.C.

West Palm Beach

Virginia

Follow Us

  • Facebook
  • Twitter
  • LinkedIn

© 2022 Coretelligent. All rights reserved.

Privacy Policy

CCPA Privacy Notice

Scroll to top

This site uses cookies. By continuing to use this site, you accept our use of cookies. Our privacy policy was recently updated on November 2, 2018. Learn more about our Privacy Policy here.

I Accept