Unveiling NIST’s New Proposal: A Revolutionary Metric for Measuring Exploited Vulnerabilities
NIST Proposes New Metric to Gauge Exploited Vulnerabilities
The National Institute of Standards and Technology (NIST) is proposing a novel method to assess which software vulnerabilities are most likely being exploited, known as the “Likely Exploited Vulnerabilities” (LEV) metric.
NIST is asking the cybersecurity community to help refine and validate the approach.
Addressing The Gap in Vulnerability Evaluation
Across the cybersecurity landscape, thousands of vulnerabilities are reported annually.
With such a vast number, it becomes challenging for organizations to understand which vulnerabilities pose the most significant threat and are likely being exploited in the real world.
Generally, two tools are used to gauge this: the Common Vulnerability Scoring System (CVSS), which rates the severity of software vulnerabilities, and the Exploitability Index, which forecasts the likelihood of a vulnerability being used in an attack.
The proposed LEV metric combines and enhances these existing tools.
LEV: Gearing up for Real-World Scenarios
Designed for real-world threat scenarios, LEV estimates the potential for exploitation based on how widely the affected software is deployed, the context in which it is used, and adversary behavior.
It is intended to indicate an actual threat rather than a theoretical one.
For instance, an e-commerce platform might use LEV to gauge if a new threat to its data encryption algorithm is being exploited in real-world attacks.
By examining characteristics such as whether the weakness is reachable over the network, whether user interaction is required, and how easy it is to exploit, LEV offers a view of the actual risk rather than the theoretical one.
Involving Cybersecurity Community for a Refined Approach
NIST calls upon the cybersecurity community to assist in validating and improving LEV.
The principle behind this collective approach is to ensure that the metric is adaptable across a variety of organizational contexts and accounts for the ever-evolving threat landscape.
Implication for Organizations
The LEV method promotes a proactive approach to cybersecurity practice.
Knowing which vulnerabilities are likely being exploited can help organizations prioritize patching and other security measures.
The metric allows for more informed and effective vulnerability management, leading to a more robust security posture.
Conclusion
The proposed LEV metric presents a more targeted way for organizations to respond to software vulnerabilities.
However, its effectiveness still depends on the community's collaborative effort to refine it as the threat landscape changes.