Threat and Vulnerability Management: A Key Enabler of Your IT GRC Program

Presented by

Eric Vanderburg, the "Sheriff of the Internet"; Yo Delmar, MetricStream; Vivek Shivananda, Rsam; and Joe Fantuzzi, RiskVision

About this talk

In every organization, there are a multitude of applications and devices and a universe of threats and vulnerabilities. Every process, function and system has certain risks and compliance requirements. It is no longer enough to have a handful of diligent security and compliance professionals managing the organization's risk strategies and controls. Their processes must embrace the risk knowledge of business and mission professionals, who evaluate the causal impact of threats to their operational performance and participate in decision-making to meet their risk posture goals. Organizational GRC context is achieved by correlating business criticality, threat reachability, IT controls and vulnerabilities to optimize business performance through prioritized remediation, resulting in the desired risk posture with compliance governance. CIOs and CROs need to holistically integrate threat and vulnerability management processes into the broader IT governance and risk management program. This approach will allow IT organizations not only to deal with cyber-threats effectively, but also to manage IT risks and compliance mandates more proactively. Join this executive panel as we discuss ways to use threat and vulnerability management to enable your IT GRC program.

The IT GRC Forum produces online events and provides professional networking facilities and market intelligence to Governance, Risk Management and Compliance professionals.