PROBLEM
A major Communications & Media company faced significant security risks due to a large number of long-lived vulnerabilities in its service delivery network. These vulnerabilities remained unresolved because the asset owners were unknown, making it impossible to assign remediation tasks. The company’s manual processes for identifying asset ownership were overwhelmed by the sheer volume of newly discovered vulnerabilities and assets. Critical metadata, including asset ownership information, was incomplete due to manual data entry by operational teams. As a result, the security team struggled to promptly assign vulnerabilities, leading to a surge in high-severity vulnerabilities without designated owners, which peaked in the thousands.
SOLUTION
DayBlink Consulting developed a comprehensive, automated solution to identify asset owners and facilitate timely vulnerability remediation. We consolidated tens of millions of records from various operational systems into a single data lake, ensuring the latest information was always available. Our team then developed automation to sift through this data, applying advanced pattern recognition and predefined match rules to identify potential asset owners. A user-friendly interface allowed operational teams to confirm or correct ownership information, and a notification system alerted users to assets requiring immediate attention. Additionally, business intelligence dashboards in Tableau provided executive leadership with insights into the vulnerability management process.
RESULT
The implementation of our solution resulted in a 97% reduction in missing ownership for high-severity vulnerabilities. The number of high-severity vulnerabilities remaining open beyond their SLA dropped by 90%. The automation not only reduced security risks but also reclaimed 50,000 work hours annually for security personnel and operations teams, translating to over $5M in cost savings each year. The project established a robust data platform that now supports additional asset management and security initiatives, creating new capabilities and metrics for the CIO and CISO organizations. Our ongoing collaboration with the client aims to extend these benefits, making comprehensive and accurate data a cornerstone of their operational and security strategies.