Abstract

This IDC TechBrief discusses the need for modernizing vulnerability and exposure management processes to secure complex computing systems. Siloed assets and hybrid environments complicate asset management and present increased risk of exploitation without centralized inventorying and assessment. Federal agencies can utilize both FedRAMP-approved cloud services and on-premises tools to develop an all-encompassing analysis of cloud, web, and on-premises assets to comprehensively address vulnerabilities with a risk and impact-based prioritization model.

"Emerging technologies have made vulnerability management exponentially more challenging. New technologies like edge, 5G, IoT, and OT have complicated networking and added millions of endpoints to federal networks. This trend will only continue and requires a centralized, risk-based approach to manage the new vulnerabilities they present. Agencies that have yet to adopt these new technologies can still benefit from modernizing vulnerability management to patch outdated devices, update legacy systems, and securely facilitate cloud adoption." — Aaron Walker, research manager, Government Trust and Resiliency Strategies at IDC

Coverage