When you examine vulnerabilities and try to derive patterns and lessons learned, it becomes clear that risk management is not just about the vulns. It is, in fact, very much about the assets. In our fifth installment of Prioritization to Prediction (a research series conducted with our partners at the Cyentia Institute), we share some of the patterns and lessons that emerge when you view risk-based vulnerability management from an asset perspective.
We also got busy explaining some of those insights in a series of videos that highlight key takeaways from this research. Here are a few short videos that offer a high-level look, followed by a comprehensive overview. All 22 minutes of it.
Why asset risk is so important
The typical organization manages vulnerabilities across 800 active assets,
but 10% manage over 35,000 assets.
– Prioritization to Prediction, Volume 5: In Search of Assets At Risk
Shifting focus from vulnerability-centric risk to asset-centric risk helps teams better understand and manage risk within their environment. Here’s Kenna’s own CTO and Co-Founder Ed Bellis on why managing risk is all about determining which assets (or group of assets) are at risk and the likelihood of those assets being targeted.
Asset risk informs remediation tactics
What does a review of vulnerabilities on an asset or group of assets tell you? Well, Wade Baker, Co-Founder and Partner of the Cyentia Institute, reveals how the P2P, Volume 5 findings might make you rethink the way you approach remediation.
Wade dives deeper into the idea of comparing the researched characteristics of vulnerabilities on systems or assets–and how doing this can help CISOs determine the strengths and weaknesses of each system, and what that means for their environment.
Want even more detail?
- Get your copy of Prioritization to Prediction, Volume 5: In Search of Assets at Risk.
- Watch the full video results as narrated by Ed and Wade.