Black Swan Theory for Vulnerability Management
- Apr 16, 2018
- Guest Author
The black swan theory grew out of a metaphor that referred to something that didn’t exist at one point. When it was discovered and proven that black swans actually did exist in nature, the term took on its current meaning, referring to big events that were unexpected prior to their occurrence.
In cybersecurity, these “Black Swan” events — malware attacks — are not very rare at all. These malware attacks seem to blindside the cybersecurity industry every month or two.
The proliferation of these events has led to the development of Black Swan Theory for Vulnerability Management. Developed by NopSec CTO Michelangelo Sidagni and Head of Security Research, Shawn Evans, the theory aims to describe a method for predicting these ‘black swans’ more reliably. By breaking down the aspects of what makes these black swan vulnerabilities so serious, wide-ranging and damaging, they have made it possible to predict them with better accuracy.
Vulnerabilities, as a whole, can be effectively described with just a few characteristics:
Combining these characteristics provides the ability to perform a sort of ‘backward search’ to find these black swans. By searching through known software, hardware, devices and protocols using these criteria, it is possible to predict where serious vulnerabilities may be waiting to be discovered. This is the same logic researchers, criminals and government-funded hackers will use to find new and novel targets as well.
Using these criteria, the following are some of NopSec’s predictions for 2018:
General threat intelligence can also help to create likely risk scenarios by studying and analyzing past attacks and breaches. Industry reports like Verizon’s Data Breach Report, FireEye’s M-Trends report and Microsoft’s Security Intelligence Report (SIR) contain intelligence and recommendations based on actual attacks, breaches and incidents.
To learn more about the Black Swan Theory for Vulnerability Management and NopSec’s Top Cybersecurity Threat predictions, click here to download a copy of our 2018 Top Cybersecurity Threats White Paper.