VM scanner evaluation background report. Please read the assignment before.

MEMO


July 2nd, 2024


Prudence Kao CMIT 421 2245


Good afternoon,


Subject: Vulnerability Management Process and Assessment Recommendations for Mercury USA

Overview


Given the recent cybersecurity threats in the transportation industry and in response to the growing concerns from the CEO about the company’s security status, this paper aims to assess the current cybersecurity status at Mercury USA. In this report, I have gone over new findings and recommendations based on a penetration testing engagement that an outside vendor conducted while I was a newly appointed cyber threat analyst. This memorandum offers a specific forty-five-step contingency VM process suitable for implementation at Mercury USA, evaluates the OpenVAS vulnerability scanning tool and provides recommendations for it, and presents a business case scenario that stresses why these recommendations deserve consideration.


Part 1: Vulnerability Management (VM) Process Recommendation

 

To protect Mercury USA from potential cybersecurity threats, I recommend implementing a comprehensive VM process that includes several key elements. The first is an asset inventory, that is, an audit of the organization’s assets. The objective is to compile a list of all IT assets, from hardware and software to networks. Once every part of the network is documented, it becomes easier to detect issues in the established network framework. A good asset inventory is the foundation of vulnerability management: it gives a clear list of what needs protection and where risks can be found.

 

Next, the vulnerability scanning process is crucial. For this, I suggest OpenVAS (Open Vulnerability Assessment Scanner), an open-source scanner that is an industry standard (Sharma et al., 2024). Weekly automated scans are recommended; they are the most commonly used and help detect vulnerabilities in a timely manner. OpenVAS offers broad-range scanning, which makes it possible to discover the dozens of holes spread across the network. Daily scanning allows new vulnerabilities to be identified as soon as they are discovered, so that countermeasures can be taken immediately.

 

Prioritization of vulnerabilities follows the scanning process. This entails evaluating each risk in light of several factors: the CVSS score showing overall risk, the consequences for business processes, the organization’s sensitivity to certain threats (for instance, because it handles customer information), and compliance with payment card industry requirements (Walkowski et al., 2020). Ranking the risks by severity concentrates remediation effort on the primary threats and avoids wasteful spending on risks that are relatively low priority. This systematic approach means that the most severe risks are resolved as early as possible, minimizing the business's exposure.
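The following sketch is an added example, not part of the original memo or of OpenVAS: it ranks scanner findings by CVSS score adjusted for the business factors named above. The multipliers, host names, and findings are constructed assumptions for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    host: str
    name: str
    cvss: float  # CVSS base score reported by the scanner, 0.0-10.0

@dataclass(frozen=True)
class Asset:
    business_critical: bool  # an outage disrupts business processes
    customer_data: bool      # stores or handles customer information
    pci_scope: bool          # in scope for payment card industry compliance

# Assumed multipliers; tune them to the organization's own risk appetite.
WEIGHTS = {"business_critical": 1.5, "customer_data": 1.25, "pci_scope": 1.25}

# A host missing from the asset inventory is scored as worst case, so the
# inventory gap itself rises to the top of the queue.
UNKNOWN = Asset(True, True, True)

def risk_score(finding: Finding, asset: Asset) -> float:
    if not 0.0 <= finding.cvss <= 10.0:
        raise ValueError(f"CVSS out of range for {finding.name}: {finding.cvss}")
    score = finding.cvss
    for flag, weight in WEIGHTS.items():
        if getattr(asset, flag):
            score *= weight
    return score

def prioritize(findings, inventory):
    """Return (score, finding) pairs, highest contextual risk first."""
    scored = [(risk_score(f, inventory.get(f.host, UNKNOWN)), f) for f in findings]
    return sorted(scored, key=lambda p: (-p[0], p[1].host, p[1].name))

# Constructed sample data, not output from a real scan.
INVENTORY = {
    "dispatch-db": Asset(True, True, False),
    "payments-gw": Asset(True, True, True),
    "lobby-kiosk": Asset(False, False, False),
}
FINDINGS = [
    Finding("lobby-kiosk", "Unsupported OS version", 9.0),
    Finding("dispatch-db", "Weak TLS configuration", 6.0),
    Finding("payments-gw", "Missing security patch", 8.0),
    Finding("test-box-17", "Default credentials", 7.0),
]

if __name__ == "__main__":
    for score, f in prioritize(FINDINGS, INVENTORY):
        print(f"{score:6.2f}  {f.host:<12} CVSS {f.cvss:<4} {f.name}")
```

With this sample data the finding with the highest raw CVSS score (9.0, on an isolated kiosk) ranks last, while the host absent from the inventory ranks second.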

 

Remediation planning is the next critical step. Depending on the level of the identified risks, which may take the form of weak or missing security measures, actions such as applying patches, reconfiguring systems, or implementing extra security measures should be taken (Yohanandhan et al., 2020). It is critical to set the time frames within which these actions are to be carried out so that mitigation is effective. A structured remediation plan lets the parties involved in handling risks work in a coordinated way, so that attackers cannot capitalize on the weaknesses in the meantime.

 

Effective change control and communication are vital for implementing changes without disrupting business operations. A systematic change control mechanism keeps changes methodical and so minimizes the probability of introducing new vulnerabilities (Saihi et al., 2023). Moreover, the plan, the possible changes, and their probable implications must be reported to all stakeholders so that everyone is informed. Managing change this way means that security improvements do not have to negatively impact the business.

 

Verification and monitoring are ongoing activities in the VM process. Verification takes place in the post-remediation stage, to confirm that attacks have been effectively prevented. IDS, IPS, and SIEM tools are then used consistently for continuous monitoring of the network's security (Azmi Bin Mustafa Sulaiman et al., 2021). These tools help reveal any new or persisting weaknesses so that the network remains constantly protected.

 

Finally, documentation and reporting are crucial for maintaining an organized record of all vulnerability management activities. Records of identified vulnerabilities and their descriptions, the remedial measures that have been implemented, and the results of those measures should be kept and updated constantly. The reports include analyses and recommendations that keep management and other stakeholders informed about the security status of the organization and the efficiency of the VM process. They keep everyone involved abreast of current security practices and their results.

 

This VM process is specifically tailored to Mercury USA's needs in the transportation sector, where protecting customer information, proprietary business data, and dangerous loads and hazardous materials during transportation is critical. Through these elements, Mercury USA will improve its security posture, thus minimizing the effect of cyber threats on the company’s operations.

 


Part 2: Vulnerability Scanning Tool Evaluation and Recommendations


OpenVAS, an open-source tool widely regarded as an industry standard, offers comprehensive coverage of vulnerabilities, is cost-effective because it has no licensing fees, and provides detailed reporting capabilities. It is highly configurable, and when fine-tuned it produces very good results, although there is always a chance of a high number of false positives (Sharma et al., 2024). OpenVAS provides rich reports with enough detail to determine the priority level of the vulnerabilities, along with recommendations on how to address the issues encountered. The drawback is the high false-positive rate, which may require more in-house management, although the tool’s comprehensive reports are useful for technical examination. These reports may also need summarizing to bring out the key issues that management ought to focus on or act on. I advise Mercury USA to keep using OpenVAS since it offers the most extensive coverage and is fairly priced for its services, in addition to incorporating manual analysis and reporting for precision and conformity.

 

 

Part 3: Business Case Example

 

If Mercury USA does not implement the recommended VM process, it risks significant cybersecurity incidents such as ransomware attacks, which could lead to data exfiltration, loss of intellectual property, customer data breaches, and operational disruption. These events could lead to substantial business consequences such as legal claims, penalties, and sales concessions, harm to the company's image and client relationships, and vulnerability to being ordered by competitors, as has transpired. The recommended VM process, with its daily vulnerability scanning and subsequent remediation checks, is effective in eliminating these risks because the vulnerabilities will already have been plugged. Despite the complexity of the software, OpenVAS offers appropriate coverage and informative data for this process.

 

Closing

 

Implementing a robust VM process is essential to protecting Mercury USA's critical data and maintaining business continuity. The detailed suggestions given here in this memorandum from the Vigilant exploits assessment of OpenVAS for the indicative business case situation demonstrate the need to practice preemptive vulnerability management. If these weaknesses are addressed, the security situation at the company will improve and cyber threats will be less of an issue.

 

I look forward to discussing these recommendations further and implementing the necessary measures to safeguard Mercury USA's IT infrastructure.


Very respectfully,

Prudence Kao
Cybersecurity Threat Analyst

Mercury USA







References

Azmi Bin Mustafa Sulaiman, M., Adib Khairuddin, M., Rizal Mohd Isa, M., Nazri Ismail, M., Afizi Mohd Shukran, M., & Abu Bakar Sajak, A. (2021). SIEM Network Behaviour Monitoring Framework using Deep Learning Approach for Campus Network Infrastructure. International journal of electrical and computer engineering systems, (Special Issue), 9-21.

Saihi, A., Ben-Daya, M., & As'ad, R. (2023). Advancing Maintenance Digital Transformation: A Conceptual Framework to Guide its Effective Implementation. IEEE Engineering Management Review.

Sharma, M., Desai, D., Arun, A. R., & Rajagopalan, N. (2024, March). OpenVAS vs the Rest: Unveiling the Competitive Edge in Vulnerability Scanners. In 2024 3rd International Conference for Innovation in Technology (INOCON) (pp. 1-6). IEEE.

Walkowski, M., Krakowiak, M., Oko, J., & Sujecki, S. (2020, September). Distributed analysis tool for vulnerability prioritization in corporate networks. In 2020 International Conference on Software, Telecommunications and Computer Networks (SoftCOM) (pp. 1-6). IEEE.

Yohanandhan, R. V., Elavarasan, R. M., Manoharan, P., & Mihet-Popa, L. (2020). Cyber-physical power system (CPPS): A review on modeling, simulation, and analysis with cyber security applications. IEEE Access, 8, 151019-151064.