Standard Chartered Bank has started using continuous
network vulnerability checking to improve patch
management.
Over the past two years the bank has developed a risk profile for
the applications it runs across its network using Riskwise, an
in-house-developed tool that allows it to prioritise which IT
systems to patch first when a security notice is issued.
It is now using Riskwise in conjunction with a vulnerability
scanning service from Qualys. The supplier monitors the bank's
networks and reports misconfigured IT systems that could be
exploited by a hacker.
This feedback allows Standard Chartered Bank to continuously assess
whether an application could be attacked and update its risk
profile, and so prioritise patching.
With more than 30,000 desktop PCs and 2,500 servers at the bank,
John Meakin, global head of information security at Standard
Chartered, has to decide each time a new security alert is issued
whether to dedicate his entire team to patching all machines, or to
patch over a longer period and remain open to the risk.
"We would like to discover with Qualys whether there are problems
with configurations and feed this back into an updated map of the
risk that is present on the network," he said.