Asset Risk In 3 Short Videos (and 1 Long One)

July 2, 2020 Kenna Security

When you examine vulnerabilities and try to derive patterns and lessons learned, it becomes clear that risk management is not just about the vulns. It is, in fact, very much about the assets. In our fifth installment of Prioritization to Prediction (a research series conducted with our partners at the Cyentia Institute), we share some of the patterns and lessons that emerge when you view risk-based vulnerability management from an asset perspective.

We also got busy explaining some of those insights in a series of videos that highlight key takeaways from this research. Here are a few short videos that offer a high-level look, followed by a comprehensive overview. All 22 minutes of it. 

Why asset risk is so important 

The typical organization manages vulnerabilities across 800 active assets,
but 10% manage over 35,000 assets.
– Prioritization to Prediction, Volume 5: In Search of Assets At Risk

Shifting focus from vulnerability-centric risk to asset-centric risk helps teams better understand and manage risk within their environment. Here’s Kenna’s own CTO and Co-Founder Ed Bellis on why managing risk is all about determining which assets (or group of assets) are at risk and the likelihood of those assets being targeted.

Asset risk informs remediation tactics

What does a review of vulnerabilities on an asset or group of assets tell you? Well, Wade Baker, Co-Founder and Partner of the Cyentia Institute, reveals how the P2P, Volume 5 findings might make you rethink the way you approach remediation.

Wade dives deeper into the idea of comparing the researched characteristics of vulnerabilities on systems or assets–and how doing this can help CISOs determine the strengths and weaknesses of each system, and what that means for their environment.

Want even more detail? 

The post Asset Risk In 3 Short Videos (and 1 Long One) appeared first on Kenna Security.

Previous Article
Employee Spotlight: Lattes with Linda Brown
Employee Spotlight: Lattes with Linda Brown

If perseverance was a person, it would be Linda Brown. It’s been almost four and a half years since Linda j...

Next Article
[Podcast] Risk, Measured: Components of Cyber Risk
[Podcast] Risk, Measured: Components of Cyber Risk

The first episode in a Security Science mini-series called Risk, Measured – Kenna’s Chief Data Scientist, M...