APPROPRIATE SOFTWARE TOOLS TO ASSESS THE SECURITY POSTURE OF AN ORGANIZATION

Updated: Apr 14, 2021

Cyber attacks are widely perceived as the global risk of highest concern to business leaders in advanced economies. Exposure to cyber risks continues to grow exponentially as firms become more dependent on technology and adopt artificial intelligence to aid and ease business processes. This digital transformation, seen in increasing globalization and distributed workforces, links an interconnected web of employees, customers, and third-party vendors to the enterprise network, all of which represent potential areas of compromise.


What are these cyber risks we speak of?


Cybersecurity risk is the likelihood of harm or loss caused by cyber attacks and data breaches and, according to a 2019 Global Risk Perception Survey, the fastest-growing enterprise risk today. Deloitte’s 2019 Future of Cyber Survey found the qualitative and quantitative impact of cyber risk to be as shown in the image below:




The most effective cyber risk management strategy must involve, first and most importantly, understanding the organization’s security posture. An organization’s security posture is basically how resilient it is to cyber threats and attacks. It shows:


a. Security status of software and hardware assets, networks, services, and information.


b. Controls and measures that are in place to protect from cyber-attacks.


c. Ability to manage defenses.


d. Readiness and ability to react to and recover from security events.


Determining [cyber] security posture is a thorough process that takes three (3) key steps: getting an accurate IT asset inventory, mapping the attack surface, and understanding the cyber risk involved.



Source: Balbix’s Definitive Guide to Security Posture


Some [software] tool categories that are best suited for this purpose (and take into account the blind spots) are briefly discussed below, with examples:


a. STEGANOGRAPHY TOOLS (Xiao Steganography): For encoding and decoding digital media files.


b. CONFIGURATION COMPLIANCE SCANNERS (SolarWinds Network Configuration Manager – NCM): For ensuring all computer and server settings are properly configured as they should be.
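
To show what a configuration compliance check does in practice, the sketch below audits a device configuration against a baseline and reports each deviation. It is an added example, not code from this article or from SolarWinds NCM; the rule IDs, the baseline policy, and the IOS-style sample configuration are all constructed for illustration.

```python
import re

# Constructed sample: a running configuration as a scanner might collect it
# from a network device (IOS-style syntax; not taken from the article).
SAMPLE_CONFIG = """\
hostname edge-rtr-01
service password-encryption
enable secret 9 $9$constructed-hash
snmp-server community public RO
ip http server
line vty 0 4
 transport input telnet ssh
 exec-timeout 0 0
"""

# Hypothetical baseline policy: (rule id, kind, regex, description).
# "require" rules must match some line; "forbid" rules must match none.
BASELINE = [
    ("CFG-01", "require", r"^service password-encryption$", "stored passwords are obfuscated"),
    ("CFG-02", "require", r"^enable secret \S", "privileged mode uses a hashed secret"),
    ("CFG-03", "require", r"^logging host \S+", "logs go to a remote collector"),
    ("CFG-04", "forbid", r"^snmp-server community (public|private)\b", "no default SNMP community"),
    ("CFG-05", "forbid", r"^ip http server$", "no cleartext HTTP management"),
    ("CFG-06", "forbid", r"^transport input .*\btelnet\b", "no Telnet on VTY lines"),
    ("CFG-07", "forbid", r"^exec-timeout 0 0$", "idle sessions time out"),
]

def audit(config_text, baseline=BASELINE):
    """Return (rule_id, description, evidence) for every failed rule."""
    # Normalise: strip indentation, drop blank lines and '!' comment lines.
    lines = [l.strip() for l in config_text.splitlines()]
    lines = [l for l in lines if l and not l.startswith("!")]
    findings = []
    for rule_id, kind, pattern, desc in baseline:
        hits = [l for l in lines if re.search(pattern, l)]
        if kind == "require" and not hits:
            findings.append((rule_id, desc, "missing"))
        elif kind == "forbid":
            findings.extend((rule_id, desc, h) for h in hits)
    return findings

def compliance_score(config_text, baseline=BASELINE):
    """Percentage of baseline rules the configuration passes."""
    failed = {f[0] for f in audit(config_text, baseline)}
    return round(100 * (len(baseline) - len(failed)) / len(baseline))

if __name__ == "__main__":
    for rule_id, desc, evidence in audit(SAMPLE_CONFIG):
        print(f"FAIL {rule_id}: {desc} [{evidence}]")
    print(f"compliance: {compliance_score(SAMPLE_CONFIG)}%")
```

Running the same baseline over every device's configuration on a schedule turns the per-device score into a trend that feeds the posture assessment described above.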