Government agencies face a constant stream of threats. Attackers are determined, frequent, and persistent. Equally confounding for the defender is an extraordinary set of options: security products and technology, training and certifications, vulnerability databases, risk management frameworks, threat intelligence feeds and alerts, and information sharing schemes. To effectively manage these threats, information security programs must be driven by prioritization.
One way to approach this is by referencing a Threat and Vulnerability Management Maturity Model. Models like this help create an ongoing, repeatable, operational process to find relevant new information about attackers, assess the implications, make key decisions, and take action.
Join us along with guest Geoff Hancock from Advanced Cybersecurity Group, as we talk about how to:
-Mature and operationalize Threat and Vulnerability Management programs
-Efficiently approach the Risk Management Framework
-Establish well-defined processes, continuous monitoring, and risk assessments