Is traditional vulnerability management failing us? Let's explore why and what organizations should be using instead. We're covering vulnerability scores, threat-based scores, risk-based scores and more. Let's dive in: https://lnkd.in/gpHrqvcY
Balbix’s Post
More Relevant Posts
-
In efforts to help implement more effective prioritization for risk reduction and maintain compliance, Tenable Nessus now supports new and updated vulnerability scoring systems. Discover the key features in this release: https://ow.ly/H85R50TfRVA
Tenable Enhances Nessus Risk Prioritization to Help Customers Expose and Close Exposures
tenable.com
-
Wondering about Continuous Threat Exposure Management (CTEM)? Our approach https://lnkd.in/eETxfKw8
Getting started with Continuous Threat Exposure Management (CTEM)
outpost24.com
-
Did you know it takes an average of 55 days to deploy a critical patch? Discover how risk analysis can transform your vulnerability management strategy & protect your critical assets more efficiently: https://bit.ly/4dIwlog
Vulnerability Management Is Wasted Without Risk Analysis
https://asimily.com
-
For my Insider Risk peers, check out my blog post on these (now free) tools to help assess your Insider Risk program...
CERT Releases 2 Tools to Assess Insider Risk
insights.sei.cmu.edu
-
Just a small, minor observation from the events of last week. Where the fuck was the 'risk management'? I don't just mean at Clownshite. I mean EVERYWHERE. Every year, Beasley and Branson release a report that demonstrates that organisations all over the world don't care about risk management. ERM isn't happening or isn't valued. Why do you think that is? Is it because they realise that it's all fantasy bullshit? All your heatmaps, loss distribution curves and finger-paintings are all utter nonsense. You know it. They know it. You might as well climb and ancient Greek mountain and ask a drugged teenage girl what the future holds. That is how all this started, right? I have been arguing for YEARS that we need to separate security practice from risk management. I have a rational argument for WHY. And for years, I have been ignored. My position is a little bit too 'real' and raw for most people. Yeah, the people who prefer to bullshit are afraid of people who learned and understood. How real and raw was life last week? Just asking. I guarantee you, nobody learned anything from it. Read this if you want an alternative to playing with dice and bullshitting. https://lnkd.in/ezHJC72q
Real Security Management
realsecuritydoctor.thrivecart.com
-
Has it been a while since your organization conducted a Threat and Risk Assessment? Have you never done one? You should get cracking. The threat environment has changed a lot in the past two years, and the TRA remains the foundation of a good BCM program. For inspiration, check out MHA Senior Advisory Consultant Richard Long’s blog post: https://bit.ly/3QplHKt
A Sample Threat and Risk Assessment: The Case of Acme Widget Corp.
https://www.mha-it.com
-
SoSafe announced the launch of their pioneering Human Risk Operating System, The Human Risk OS™, a set of capabilities designed to help customers identify, quantify, monitor, and intervene on human security risk. https://lnkd.in/g4at3Vgj #TechNews #StayInformed #StayAhead #dailydose #followus #staytuned #stayconnected #technews #technology #trending #trendingnow #trendingnews #explore #explorepage #techdogs
SoSafe Introduces The Human Risk OS, Leading The Category Evolution
techdogs.com
-
CTEM 101 - Go Beyond Vulnerability Management with Continuous Threat Exposure Management https://lnkd.in/eTKEq4G9 #infogov #informationgovernance #ctem #vulnerabilitymanagement #threatexposuremanagement
CTEM 101 - Go Beyond Vulnerability Management with Continuous Threat Exposure Management
thehackernews.com
-
💬 Have questions about information security or risk management? I'm here to help anytime (-> [email protected])! Understanding the risk scenario components is crucial for effective Risk Management, especially when dealing with threat scenarios. Here's a quick breakdown: 🔍 Actor: Who's behind the threat? It could be internal (employees), external (hackers), or even regulators. ⚠️ Threat Type: Is the threat malicious, accidental, or due to a failure? Knowing this helps in planning defenses. 📊 Event: What happens? It could be a disclosure of sensitive info, an interruption of services, or a modification of data. 🏢 Asset/Resource: What’s at risk? Consider people and skills, organizational structures, processes, and facilities. 📈 Frequency/Loss Magnitude: How often could it happen, and what's the potential impact? This determines the severity and urgency of the threat. 🔑 Mastering these components is key to mitigating risks effectively. #RiskManagement #InformationSecurity #iso27001 ✍️ As always, I hope this provides you value! ♻️ Reshare if I got this right.
-
Quickly identify what assets are affected by headlining CVEs and CISA KEVs, then implement initiatives to track your progress in removing these exposures. SLAs can be defined and the measurement of time to remediate can clearly articulate how effective your organisation is, when reducing risk.
Turning Data into Action: Intelligence-Driven Vulnerability Management
tenable.com
