Cloud-based vs. on-premises vulnerabilities
The latter refers to software vulnerabilities, weak configurations, and third-party issues arising from hosts, servers, routers, switches, access points, and firewalls located on a private network installed in private offices or campus buildings.
Zero Day
Attack against a vulnerability that is unknown to the original developer or manufacturer
Weak configurations
Configuration settings that are not properly implemented, resulting in vulnerabilities
Open Permissions Vulnerability
A vulnerability that occurs when files are not secured with proper permissions and are left open to the public.
Unsecured root accounts
Unprotected accounts that give unfettered access to all resources.
Weak encryption
An encryption algorithm which can be broken within a time frame that would enable the breaker to take advantage of the information that has been encrypted.
Unsecure Protocols
Also called insecure protocols; the use of telecommunications protocols that do not provide adequate protections.
Open ports and services
Devices and services that are often configured to allow the most access so that the user can then close those ports that are specific to that organization.
Third-party risks
Vulnerabilities that arise from dependencies in business relationships with suppliers and customers.
Vendor management
Policies and procedures to identify vulnerabilities and ensure security of the supply chain.
System integration
Connectivity between the systems of an organization and its third parties.
Lack of vendor support
When the company that made a device provides no support for the device.
Supply chain
The connected chain of all of the business entities, both internal and external to the company, that perform or support the logistics function.
Outsourced code development
Contracting with third parties to assist the organization in the development and writing of a software program or app.
Data storage (third party risk)
When storing data, consider the type of data and whether it requires encryption (encryption limits exposure but adds complexity).
Improper or weak patch management
Firmware:
Operating system:
Applications:
Legacy Platforms
The risk with legacy systems is that they might not have any vendor support because the vendor has deemed that the system has reached the end of its life and there will be no more patches. As technologies improve, so do the hacking tools, and the legacy systems may have limited or no protection against them.
Data loss
An error condition in information systems in which information is destroyed by failures or neglect in storage, transmission, or processing.
Data breaches
A data breach is an incident in which sensitive, protected, or confidential data has potentially been viewed, stolen, or used by an individual unauthorized to do so. Data breaches may involve personal health information (PHI), personally identifiable information (PII), trade secrets, or intellectual property.
Data exfiltration
The process by which an attacker takes data that is stored inside of a private network and moves it to an external network.
Identity theft
The fraudulent acquisition and use of a person's private identifying information, usually for financial gain.
Reputation Impact
Impact on reputation due to a vulnerability being exploited; organizations are often required to disclose, resulting in stock price drops and loss of clients.
Availability Loss Impact
You can lose uptime and availability, causing outages that make a system unavailable and directly hurt your customers.