The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/80353
security intelligence engine. We categorized our assets with risk levels based on the sensitivity of the data they hold, which could then be used to prioritize the order and criticality of remediation. Once again, we defined custom scanning policies based on the asset class. Web servers, for instance, were scanned with policies that included the Web modules, as well as some custom-defined parameters that help the automated scanning process dig deep into the applications.

Assessing the Data

The firm created a security committee made up of individuals from many areas within the IT organization to assess the vulnerabilities that affect anything within the IT realm and mandate the appropriate corrective action. The data our automated vulnerability management solution gathered was disseminated to this group and assessed alongside all the other topics and issues this committee oversees. All security vulnerabilities and risks were cataloged and prioritized based on metrics such as asset sensitivity, complexity and likelihood of exploit, and potential loss if the target were to be compromised. The committee assigned the appropriate resources to test and roll out the security fix, and assigned a due date based on the prioritization of the finding.

Educating the Users

The National Initiative for Cybersecurity Education (NICE) issued by the White House has called on the government and the private sector to expand cyber education and personnel development. To follow this initiative, organizations need to construct sophisticated, automated employee security testing campaigns that include social engineering and phishing attacks. The regular use of such campaigns can help educate employees and make their employers more resistant to the early stages of sophisticated attacks. With this directive in mind, our next step with these products is to test our user awareness training program.

Using Core Insight, we will be setting up an internally managed malicious Web server that will capture information on user activity. This server will be configured to send phishing email messages with URLs that point back to the product, and the data collected will consist of how many people click the links. Should a user click on a malicious link sent out in these campaigns, Core Insight will install a memory-

Peer to Peer 35
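The asset-class scanning policies and the committee's prioritization metrics (asset sensitivity, exploit likelihood, complexity, potential loss, due date by priority) described under Assessing the Data above, as an added worked example that is not code from the article or from Core Insight. The policy module names, the 1-to-5 scales, the score weighting, the SLA tiers and the sample findings are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Hypothetical mapping of asset class to scan policy modules. The article only
# states that web servers got the Web modules; the other rows are assumptions.
SCAN_POLICY_BY_CLASS = {
    "web_server": ["network", "web"],
    "database": ["network", "database"],
    "workstation": ["network"],
}

@dataclass
class Finding:
    asset: str
    asset_class: str
    sensitivity: int     # 1 (public) .. 5 (highly sensitive), from asset categorization
    likelihood: int      # 1 .. 5, how likely exploitation is
    complexity: int      # 1 (trivial) .. 5 (hard); harder exploits lower the score
    potential_loss: int  # 1 .. 5, business impact if the target is compromised

def scan_policy(asset_class: str) -> list:
    """Policy modules to run for an asset class; unknown classes get the base modules."""
    return SCAN_POLICY_BY_CLASS.get(asset_class, ["network"])

def priority_score(f: Finding) -> float:
    """Risk score built from the article's metrics; the weighting is an assumption."""
    return f.sensitivity * f.likelihood * f.potential_loss / f.complexity

def due_date(score: float, today: date) -> date:
    """Remediation SLA tiers (constructed): higher score, shorter deadline."""
    if score >= 40:
        return today + timedelta(days=7)
    if score >= 15:
        return today + timedelta(days=30)
    return today + timedelta(days=90)

def prioritize(findings: list, today: date) -> list:
    """Rank findings by score and attach the due date the committee would assign."""
    ranked = sorted(findings, key=priority_score, reverse=True)
    return [(f.asset, round(priority_score(f), 1), due_date(priority_score(f), today).isoformat())
            for f in ranked]

# Constructed sample findings, one per asset class.
SAMPLE_FINDINGS = [
    Finding("www1", "web_server", sensitivity=4, likelihood=5, complexity=1, potential_loss=4),
    Finding("db1", "database", sensitivity=5, likelihood=2, complexity=2, potential_loss=5),
    Finding("ws17", "workstation", sensitivity=1, likelihood=3, complexity=1, potential_loss=2),
]

if __name__ == "__main__":
    for row in prioritize(SAMPLE_FINDINGS, date(2024, 1, 1)):
        print(row)
```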