Finding True Cyber Risk Priority: A talk on risk prioritization & remediation

Presented by

Victor Gamra, CISSP, CEO; Erik Nost, Senior Analyst (Forrester)

About this talk

Security and risk teams are flooded with alerts, identified vulnerabilities and security threats that require analysis and contextualization to be put into an order of importance for an organization. CVSS has been a de-facto method for prioritizing risk and vulnerabilities, however security practitioners are now adopting a more effective method that includes using cyber threat intelligence (CTI) to help inform the likelihood of threat events occurring and additional factors to analyze business impact. Join Victor Gamra, CISSP, CISM, the Founder and CEO of FortifyData and guest speaker Erik Nost, Senior Analyst at Forrester as they discuss the improvements and evolution for risk-based vulnerability management for prioritization and remediation management. The times have changed, and technology has made it easier to get a prioritized view of cyber risks unique to an organization. Through contextualizing risks using asset classification along with vulnerability and threat intelligence data, allows teams to focus on the most serious risks to the organization. They will discuss: - The value in auto-identification of assets - Why classifying assets is fundamental - Integrating CTI to inform risk based on targeted industry and common vulnerabilities - Analysis on threat scenarios based on likelihood and business impact - Tying it all together to achieve Risk-based vulnerability management

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (6)
Subscribers (552)
FortifyData is an industry-leading Continuous Threat Exposure Management (CTEM) company that enables the enterprise to manage cyber risk across the organization. By combining automated attack surface assessments with asset classification, risk-based vulnerability management, security ratings and third-party risk management, you get an all-in-one cyber risk management platform. Follow our channel to learn how we give organizations a 360-degree view of their cyber risk exposure through provisioning comprehensive external and internal technology assessments, compliance-based control assessments, and collaborative third-party risk management solutions.