Cybersecurity Practice #7: Vulnerability Management (small)

Modified on Wed, 14 Jun, 2023 at 12:52 PM

Vulnerability management is the process used by organizations to detect technology flaws that hackers could exploit. This process uses a scanning capability, often provided by an EHR or IT support vendor, to proactively scan devices and systems in your organization.


Sub-Practices for Small Organizations

 

7.S.A: Vulnerability Management

NIST Framework Ref: PR.IP-12

As discussed in the introduction to this document, weak passwords, default passwords, outdated software, and other technology flaws identified by vulnerability management scans are commonly referred to as vulnerabilities. Vulnerability scans may yield large amounts of data, which organizations urgently need to classify, evaluate, and prioritize to remediate security flaws before an attacker can exploit them.


Vulnerability management practices include:

  • Schedule and conduct vulnerability scans on servers and systems under your control to proactively identify technology flaws. This method is considered an “unauthenticated scan”: the scanner has no extra sets of privileges to the server. It queries a server based on the ports that are active and present for network connectivity. Each server is queried for vulnerabilities based upon the level of sophistication of the software scanner.
  • Remediate flaws based on the severity of the identified vulnerability.
  • Conduct web application scanning of internet-facing webservers, such as web-based patient portals. Specialized vulnerability scanners can interrogate running web applications to identify vulnerabilities in the application design.
  • Conduct routine patching of security flaws in servers, applications (including web applications), and third-party software. Maintain software at least monthly, implementing patches distributed by the vendor community, if patching is not automatic. Robust patch management processes, as outlined in 2.S.A, mitigate vulnerabilities associated with obsolete software versions, which are often easier for hackers to exploit.
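
The classify-and-prioritize step described above, as an added Python example that is not part of the original article: it merges repeated scan results, orders them by severity (internet-facing systems first within a severity), and flags anything older than the monthly patch cycle. The field names, severity labels, and sample findings are assumptions constructed for illustration, not a particular scanner's export format.

```python
from datetime import date

# Assumed severity labels, as many scanners export them; higher rank = fix first.
SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1}
PATCH_CYCLE_DAYS = 30  # the "at least monthly" patching cadence from the text

# Constructed sample export; hosts, fields and findings are illustrative only.
SAMPLE_FINDINGS = [
    {"host": "portal.example.org", "finding": "outdated web server software",
     "severity": "high", "internet_facing": True, "first_seen": date(2023, 4, 2)},
    {"host": "fileserver01", "finding": "default password on admin account",
     "severity": "critical", "internet_facing": False, "first_seen": date(2023, 6, 1)},
    {"host": "portal.example.org", "finding": "outdated web server software",
     "severity": "high", "internet_facing": True, "first_seen": date(2023, 5, 2)},
    {"host": "frontdesk-pc", "finding": "outdated PDF reader",
     "severity": "high", "internet_facing": False, "first_seen": date(2023, 6, 5)},
    {"host": "printer-2", "finding": "weak password", "severity": "Medium",
     "internet_facing": False, "first_seen": date(2023, 3, 1)},
]

def triage(findings, today):
    """Return de-duplicated findings ordered for remediation."""
    merged = {}
    for f in findings:
        key = (f["host"].lower(), f["finding"].lower())
        sev = f["severity"].strip().lower()
        if sev not in SEVERITY_RANK:
            raise ValueError(f"unknown severity {f['severity']!r} for {f['host']}")
        if key in merged:
            # Same flaw reported by repeated scans: keep the earliest sighting.
            merged[key]["first_seen"] = min(merged[key]["first_seen"], f["first_seen"])
            continue
        merged[key] = dict(f, severity=sev)
    for item in merged.values():
        item["age_days"] = (today - item["first_seen"]).days
        item["overdue"] = item["age_days"] > PATCH_CYCLE_DAYS
    # Severity first, then internet-facing systems, then oldest findings.
    return sorted(merged.values(),
                  key=lambda i: (-SEVERITY_RANK[i["severity"]],
                                 not i["internet_facing"], -i["age_days"]))

if __name__ == "__main__":
    for i in triage(SAMPLE_FINDINGS, date(2023, 6, 14)):
        flag = "OVERDUE" if i["overdue"] else "ok"
        print(f'{i["severity"]:8} {i["host"]:20} {i["finding"]:36} {i["age_days"]:3}d {flag}')
```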

Threats Mitigated

  1. Ransomware attack
  2. Insider, accidental or intentional data loss
  3. Attacks against connected medical devices that may affect patient safety
