The Martian ft. Bryon Singh, RailWorks Corporation

By Steve Gold
Posted in Security
On December 12, 2023

So how does a round trip flight to Mars, with an extended layover for one lucky astronaut, relate to establishing a remediation process around vulnerabilities? Mark Watney, played by Matt Damon, finds himself stranded on Mars after his crew mistakenly believes he died during a severe storm and leaves the planet without him.

The movie follows Watney as he faces numerous challenges and risks associated with survival on Mars. His approach to these challenges can be likened to a risk-based remediation strategy:

  • Assessment and Prioritization of Risks: Watney assesses the risks he faces, such as lack of food, water, and a way to communicate with Earth. He prioritizes these based on their immediacy and severity.
  • Development of a Remediation Plan: For each identified risk, Watney develops a plan. For instance, to address the food shortage, he innovates a way to grow potatoes inside the habitat.
  • Implementation of the Plan: He puts his plans into action, constantly adjusting as new challenges arise, such as when his potato farm is destroyed and he has to ration his food intake, much like how a remediation strategy would be implemented in a real-world scenario.
  • Monitoring and Adjusting the Strategy: Watney continuously monitors the effectiveness of his solutions and adjusts his strategies as needed. This is akin to the ongoing monitoring and adjustment required in a risk-based remediation process.
  • Documentation: Watney keeps logs and records of his activities, weight, and food, which is a critical aspect of documenting a remediation process.

CIS 7.2 Safeguard emphasizes that the initial detection of vulnerabilities is just the beginning. The more challenging phase is responding to these detected vulnerabilities. This critical stage demands decision-making on how to effectively deal with the identified security gaps. The objective extends beyond merely identifying vulnerabilities; it involves reinforcing and securing these identified weak points.

In this safeguard, the key security function is Respond. Remediation, a critical part of your vulnerability management strategy, concentrates on the actual resolution of the detected vulnerabilities. At this juncture, it becomes essential to establish a prioritization system that is specifically suited to your organization's needs, one that also takes into consideration any external information that might impact the organization’s risk.

The creation of an effective prioritization system stands out as a crucial element of the CIS 7.2 Safeguard. Such a system must be customized to fit the specific needs and structure of each organization. It is important that this system evaluates not only the severity of the vulnerabilities but also external influences that could affect the organization’s overall risk. This method ensures that resources are utilized where they are most needed, allowing for the immediate addressing of the most severe vulnerabilities.

When it comes to balancing the internal and external aspects, a well-crafted prioritization system within the framework of CIS 7.2 combines an in-depth understanding of the organization's infrastructure with external data on current and emerging threats. This integration of internal and external information facilitates the formation of a dynamic and adaptable strategy for remediation, one that is responsive to changes both within the organization and in the broader cyber threat environment.
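A sketch of the kind of prioritization described above, added here as an example and not taken from the original post or from CIS. The field names, weights, score thresholds and deadlines are all assumptions chosen for illustration; an organization would set its own.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Assumed weights and deadlines: illustrative only, not values from CIS.
ASSET_WEIGHT = {"low": 0.5, "medium": 1.0, "high": 1.5}
SLA_DAYS = [(9.0, 7), (7.0, 30), (4.0, 90), (0.0, 180)]  # (minimum score, days to fix)

@dataclass
class Finding:
    vuln_id: str            # constructed placeholder, not a real identifier
    asset: str
    cvss: float             # internal: scanner severity, 0-10
    criticality: str        # internal: business importance of the asset
    internet_facing: bool   # internal: exposure of the asset
    known_exploited: bool   # external: threat intel reports active exploitation
    detected: date

def risk_score(f: Finding) -> float:
    """Severity scaled by asset importance, raised by exposure and threat data."""
    score = f.cvss * ASSET_WEIGHT[f.criticality]
    score += 1.0 if f.internet_facing else 0.0
    score += 3.0 if f.known_exploited else 0.0
    return round(min(score, 10.0), 1)

def due_date(f: Finding) -> date:
    """Map the score to a remediation deadline using the first matching tier."""
    days = next(d for floor, d in SLA_DAYS if risk_score(f) >= floor)
    return f.detected + timedelta(days=days)

def remediation_queue(findings):
    """Highest risk first; older findings win ties."""
    return sorted(findings, key=lambda f: (-risk_score(f), f.detected))

def overdue(findings, today: date):
    """Findings past their deadline, for the recurring review."""
    return [f for f in findings if due_date(f) < today]

# Constructed sample data.
SAMPLE = [
    Finding("VULN-A", "hr-laptop-17", 9.8, "low", False, False, date(2023, 11, 1)),
    Finding("VULN-B", "payments-api", 6.5, "high", True, True, date(2023, 11, 20)),
    Finding("VULN-C", "intranet-wiki", 7.5, "medium", False, False, date(2023, 11, 15)),
]

if __name__ == "__main__":
    for f in remediation_queue(SAMPLE):
        print(f.vuln_id, f.asset, risk_score(f), due_date(f))
```

In the sample data, the finding with the highest scanner severity (VULN-A) lands last in the queue, while a medium-severity finding on an exposed, business-critical asset with reported exploitation goes first.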

Here’s a link to the Vulnerability Management Policy Template provided free of charge from the fine folks at the Center for Internet Security: https://www.cisecurity.org/insights/white-papers/vulnerability-management-policy-template-for-cis-control-7

Here are some details on this specific Control/Safeguard. If you want more information, DM me.

CIS Control 7 – Continuous Vulnerability Management

Develop processes and technical controls to identify, classify, securely handle, retain, and dispose of data.

Implementation Group 1

CIS Safeguard 7.2 - Establish and Maintain a Remediation Process

Establish and maintain a risk-based remediation strategy documented in a remediation process, with monthly, or more frequent, reviews.

Steve Gold

Steve Gold is the Cybersecurity Practice Director at Gotham Technology Group (Gotham). He is responsible for providing the vision and thought leadership to expand Gotham’s legacy of success and build a world-class cybersecurity practice. He works closely with Gotham’s customers, industry partners, and subject matter experts to develop relevant solutions for Gotham’s clients and prospects.

Prior to joining Gotham, Steve worked with the Center for Internet Security (CIS), where he expanded the global reach, revenue, and impact of the CIS Benchmarks, CIS Controls, and CIS Hardened Images. He led the efforts to promote the CIS portfolio of low-cost and no-cost cybersecurity products and services that help private and public organizations stay secure in the connected world. He grew a team of security specialists from 12 to over 40 to assist organizations with implementing security best practices in their continual journey of cybersecurity maturity.

During his more than 20-year career, Steve led teams responsible for developing and implementing technology solutions at some of the industry’s most recognized companies such as Varonis, VMware, Dell & Wyse Technology.

Steve is a frequent speaker/moderator at industry conferences and webinars, covering a wide array of information security topics. He resides and works remotely in Baltimore, MD.