Software Solutions for Network Security Architecture

Executive Proposal – Nessus

Executive Summary

This proposal provides detailed summaries and capabilities for one of many software solutions that should be considered for implementation in Medi-Ready’s network security architecture. Analysis was collected from various credible sources, including manufacture and government reports and websites. These resources were all taken into consideration while developing a summary of the features of the software solution.

The software solution, Tenable’s Nessus, is a highly sophisticated vulnerability scanner that would mitigate vulnerabilities and concerns over the protection of research and customer data at Medi-Ready. Overall, the potential costs of a data breach pose a significant risk to Medi-Ready and neglecting to address data security concerns could potentially cost millions of dollars in the future. It is recommended that software, such as Nessus, be researched and purchased so that cybersecurity professionals can utilize the correct tools for securing the company’s data.

Introduction

Medi-Ready has achieved extraordinary success in the medical research and development fields and has grown far beyond a start-up in just five short years. Now a formidable player in the medical research and development industry, the company’s capabilities and workforce have increased dramatically. In conjunction with these positive numbers comes an increased demand and a prominent niche in public-facing media covering medical advancements. This increased visibility has come with both benefits and costs. Turning now to the subject of website defacement and false accusations against the organization’s practices, Medi-Ready must ensure its data and networks remain secure in the wake of increasing hacking attempts.

Summary/Recommendations

Like its market rivals, some of which have been significant contributors to the medical industry for over 40 years, Medi-Ready has recently been targeted by cyber criminals seeking to obtain unauthorized access to intellectual property. One of Medi-Ready’s competitors has already experienced hundreds of millions of dollars in losses after successful hacking attempts resulted in unauthorized disclosure of researching data.

Medi-Ready and its competitors must implement new and robust cybersecurity techniques and programs if they expect to match developing criminal tactics. At the very front of this conflict centered around confidentiality, integrity, and availability stand the hardware and software solutions filtering, blocking, and redirecting attacks to the network or end-point devices. One of these solutions is Nessus, provided by Tenable Network Security. Nessus is an open-source network vulnerability scanner that can identify hard-to-find vulnerabilities in home and professional networks of varying sizes with any number of nodes. It is imperative that Medi-Ready’s cybersecurity program obtain and utilize Nessus at the forefront of its mission to secure the organization’s data and networks.

A 2018 study performed by the Ponemon Institute and sponsored by IBM Security concluded that the total cost, per-capita cost and average size of a data breach has increased every passing year (Ponemon, 2018). Figure 1 shows the data, which is measured in U.S. millions of dollars, by country. 

Figure 1. The global cost of a data breach in 2018. Retrieved from https://securityintelligence.com/ponemon-cost-of-a-data-breach-2018/

Ponemon Institute, which has been reporting the costs of data breaches for the past 13 years, concluded that the average time it took to identify a data breach was 197 days and the average time to contain or triage the breach was 69 days. Moreover, if IT staff could contain the breach in under 30 days, they would save the company an average of over 1 million US dollars (Ponemon, 2018). All these costs are a combination of the resulting direct and indirect costs an organization must pay out like refunds to effected customers, lawsuits, tarnished reputation, loss of future business, and revenue.

 Medi-Ready can no longer afford to not implement software security solutions such as Nessus. Nessus and many other tools must be integrated into a robust cybersecurity program so that Medi-Ready does not fall victim to a data breach, costing millions of dollars.

Nessus

Nessus is an open source, cross-platform vulnerability scanner provided by Tenable Network Security. It maintains a real-time plugin updates that keep the program scanning for the most current known vulnerabilities. It can be utilized via command line or graphic user interface (GUI) which is extremely user-friendly. Nessus was created for use with mostly UNIX systems but now can support Windows and Apple Mac OS (K., 2012). Now, with over 100,000 plugins available and new plugins being released every 24 hours, Nessus will provide significant vulnerability scanning capabilities to any organization which employs it effectively (Nessus Professional, 2018).

Real-time Nessus plugin updates provide the software with the most up-to-date information and auditing configurations necessary to identify even the newest malware threats and system vulnerabilities (Nessus Professional, 2018). Additionally, Nessus also has the capability to scan local or remote hosts, providing IT staff the capability to enforce mobile device management (MDM) policies and safe practices. 

Medi-Ready was recently the victim of website defacement and successful denial of service (DoS) attacks. Both attacks were a result of an exploited vulnerability which may have been from any system. Nessus may have been able to scan and audit all systems, hosts, and configurations and potentially identified a small but major vulnerability unknown to system administrators. Featured in the Nessus GUI are default scans that can and should be conducted on any network. Figure 2 is a screenshot from Nessus Professional, showing the pre-built policies and scan templates that can be utilized at the click of a mouse.

Figure 2. Out of the box, pre-configured templates. Retrieved from https://www.tenable.com/products/nessus/nessus-professional

Nessus provides users the capabilities to discover vulnerabilities such as mis-configurations, the presence of malware, cloud infrastructure auditing, mobile device mis-management, policy compliance, and even DoS checks. The ability to customize scans to fit individual requirements is always present and available in offline environments as well. More so, with the newest release of Nessus 8, Nessus Live Results now give security practitioners the ability to receive live updates to vulnerabilities on the network (Baker, 2018).

Reviews

 Information security professionals have had great things to say about Nessus and the insights it provides to its customers. Tony Bradley, an author with BizTech, describes Nessus as “…a powerful tool for staying one step ahead of attackers” (Bradley, 2011).

 Cybersecurity Insider’s 2018 Application Security Report also found that as of early 2018, Nessus was the cybersecurity industry’s most widely used vulnerability assessment solution. Nessus beat out its competitors with over half of all security teams analyzed reporting Nessus as their primary application vulnerability assessment software (Baker, 2018).

 Having used Nessus personally, I understand and must emphasize the importance of implementing this software solution at the top of the cybersecurity professional’s toolbox. Human error and negligence will always account for the 1% uncertainty when performing system administration. Technical solutions remain one of the most scrutinous and detailed means to identify and target vulnerabilities efficiently and conveniently. My experience with Nessus pales in comparison to the support generated from the numerous reputable organizations that utilize the software for themselves. VMWare, Amazon, Docusign, Dole, Twitter, PayPal, and Starbucks are just a few of the multi-million-dollar organizations that charge Nessus with identifying vulnerabilities to their network infrastructures (Nessus Professional, 2018).

Impacts to Implementation

As with any vulnerability scanner, Nessus scans can have impacts on production environments. The intrusive nature of these scans is what causes network lag or even programs to crash. However, if the scans were not intrusive, they would not be scanning everything. Nessus scans have the option to enable “safe checks” and, when enabled, perform networked scans in a method that ensures the target system is not interrupted. At most, the targeted system may receive a log entry (Gula, 2006). The intent behind this option is that, if needed, Nessus can perform scans during operating hours without interrupting productivity. In pre-production or testing environments, where interruption is not a worry, “safe checks” can be disabled so that targeted systems are thoroughly scanned for vulnerabilities.

Scans can also be configured to start during non-business hours on various days and produce a report of the scans for cyber security analysts to review in the morning. This way, if needed, Medi-Ready’s network and systems can be scanned daily for vulnerabilities and system administrators can mitigate risks to the organizations resources.

Integration and Education Costs

Tenable offers several options for commercial customers interested in using Nessus. Nessus Professional (Pro) can be purchased in yearly subscriptions of one year for $2,190, two years for $4,270, or three years for $6,240 (Nessus Professional, 2018). Tenable also provides a seven-day free trial of Nessus Pro for its commercial customers to try out and decide if it suits their needs.

Tenable also provides various forms of user education for the Nessus Pro software. On-demand and instructor-led courses are available for new or existing customers. These courses can be purchased by an organization and delivered to staff in any of these methods. Tenable also offers users the ability to obtain various certifications, proving one’s ability to perform tasks outlined in courses covering Nessus and its capabilities (Customer Education, n.d.).

Medi-Ready must also consider the amount of time that will be devoted to requirements such as monitoring, set up and updating of servers dedicated to Nessus while also integrating an annual or bi-annual training program to keep employees up-to-date on the features of Nessus. While these may not show in the form of an invoice or receipt, Medi-Ready must be able to devote adequate man-power to these tasks so that the software can run effectively. 

Conclusion

Like its competitors, Medi-Ready must turn to a more robust technical solution for its data security needs. The consequences of ignoring a rapidly evolving threat have already been felt by Medi-Ready and its competitors. Software solutions, such as Nessus, integrated together with network infrastructure and resources can provide formidable barriers and reliable systems for all departments and customers. This summary of Nessus and its capabilities can only serve as “the tip of the iceberg” when considering developing a cybersecurity footprint for the organization.

References

• B, K. (2012). Network Scanning Using Nessus. Retrieved December 3, 2018, from https://resources.infosecinstitute.com/network-scanning-using-nessus/#gref.
• Baker, C. (2018). Tenable announces enhancements to world’s most widely adopted vulnerability assessment solution. GlobeNewswire. Retrieved December 3, 2018, from https://www.nasdaq.com/press-release/tenable-announces-enhancements-to-worlds-most-widely-adopted-vulnerability-assessment-solution-20181001-00692.
• Bradley, T. (2011). Find the holes in your network with Nessus. BizTech. Retrieved December 3, 2018, from https://biztechmagazine.com/article/2011/07/find-holes-your-network-nessus.
• Customer Education. (n.d.). Retrieved December 3, 2018, from https://www.tenable.com/education.
• Gula, R. (2006). Understanding the Nessus “Safe Checks” option. Retrieved December 3, 2018, from https://www.tenable.com/blog/understanding-the-nessus-safe-checks-option.
• Nessus Professional. (2018). Retrieved December 3, 2018, from https://www.tenable.com/products/nessus/nessus-professional.
• Ponemon, L. (2018). Calculating the cost of a data breach in 2018, the age of AI and the IoT. Security Intelligence. Retrieved December 3, 2018, from https://securityintelligence.com/ponemon-cost-of-a-data-breach-2018/.