Industry Luminary: Vulnerability, Configuration Management Matter Most

Solution providers attempting to establish or build out their security practice don't need to sell the latest security technology to clients, according to Marc Maiffret, chief technology officer of security and compliance management vendor BeyondTrust. Maiffret, a security industry veteran, noted for discovering the first security worm in 2001 targeting Microsoft PCs called Code Red, believes businesses can greatly reduce their attack surface by focusing on building superb vulnerability and configuration management processes. At 17, Maiffret co-founded eEye Digital Security, a company that focused on vulnerability management. It was acquired by BeyondTrust in 2012. He was also the chief security architect at network security vendor FireEye. Maiffret also worked in the channel, having built a security consultancy that provided penetration testing, security assessments and incident response services that was later acquired by DigiTrust Group, a Los Angeles-based managed security services provider for small and midsize businesses. In this interview with ITBestofBreed, Maiffret explained why soilution providers should focus on helping organizations sharpen their basic security practices.

Focus The Security Practice On The Basics

For SMBs, I would be giving them enterprise-level process around patch management, vulnerability and configuration assessments and then some white listing around the processes and communication on the network. Even if an employee is going out of their way to click and do something bad you are going to block the vast majority of many threats. Most cybercrime is still not leveraging zero-days or using sophisticated methods to get into the network. Businesses are bad at keeping software and systems up to date and the systems are never hardened and configured in any way. Good configuration, good patching, good vulnerability management processes trumps most of the stuff that is out there.

NEXT: Common Applications