Process Vulnerabilities

00:01

hi and welcome to lesson 1.1 dot two on process vulnerabilities.

00:06

This is gonna be, ah, really short lesson just to cover the basics of process vulnerability.

00:11

There are a lot of things to consider when it comes to process vulnerabilities it really the list is endless and the things that can go wrong with process but some of the common ones are things like Peck Patch management. You know, all of those software vulnerabilities we just learned about. How do we patch those? What's the schedule look like? What's the the

00:30

process look like for for putting them in place and validating that they're working and all of those good things. We have a whole section on that

00:38

later in the in the course access, creation and attestation is another good one. Whenever someone new starts a company, how do we create their account? How do we make sure over time that they still have the access that they need? An incident response is another good one. You know, when something happens in the environment,

00:56

how do we respond to it? You know what? If our process is broken and we don't respond in a timely manner we don't get the right people involved

01:03

when we should. Maybe we don't communicate with the right people when we need to, and we get in some legal trouble. Really. Like I said, the processes vulnerability piece, it's endless, the number of things that could go wrong. But we'll walk through one of these examples just to show one of the common things that happens in an environment

01:22

from the purpose of access creation. Attestation. Let's say we've got our We've got Bob over there again on the left hand side and bobbed in the legal department. You know, he's he's an attorney and he's taking care of all of our intellectual property. And he gets his access rights from our access database, which may be Active directory or some of their L DAP database.

01:40

But he's getting all of the getting access to all of the legal documents in the things he needs from that access database.

01:46

But Bob, you know what? He's getting tired of being a lawyer. It's getting too stressful when he wants to do something more creative. So he moves over to the marketing department, and when he does, he gets new access rights and marketing. He kids access to all of the templates and the things that he needs to create marketing campaigns. But there's no process in place to remove his rights from legal.

02:06

So now Bob, even though his job function is marketing,

02:08

he still has all these rights that he had. He still has access to intellectual property and insider trading things and all sorts of things that he shouldn't have access to.

02:16

This is pretty common in the corporate world, and you know some of the things that you conduce to mitigate it. We'll get into it just a second.

02:25

So how do we mitigate it? One of them is just regular process review. That's that goes without saying Just review processes, maybe annually have, ah, sit down with executives and review all the processes. Make sure they are what they should be. But another good one is a tabletop exercise.

02:40

Now, tabletop exercise is nothing more than sitting around a table with a bunch of stakeholders

02:46

and one persons designated as the administrator of the exercise, and they come up with a scenario. The administrator incident response uses this all the time, for example, So the scenario, maybe something like, Okay, you're just been breached. And all of your data from this database ended up on the dark Web. What do you do?

03:05

And the people around the table, the legal team person may say, Well, we need to

03:08

get paperwork in place because we have to contact our clients. And the executives may say, Well, we need to put out a press release and the security manager says, Well, we need toe invoke the incident response team,

03:20

and then the administrator says, Okay, you've done this. You've done okay. Now, this happens Now what do you do? And you just step through it and walk through it. And just by verbally going through that scenario, you identify gaps in your processes and you can make tweaks to your to your policies and procedures.