Finding True Cyber Risk Priority: A talk on risk prioritization & remediation

Security and risk teams are flooded with alerts, identified vulnerabilities and security threats that require analysis and contextualization to be put into an order of importance for an organization. CVSS has been a de-facto method for prioritizing risk and vulnerabilities, however security practitioners are now adopting a more effective method that includes using cyber threat intelligence (CTI) to help inform the likelihood of threat events occurring and additional factors to analyze business impact. Join Victor Gamra, CISSP, CISM, the Founder and CEO of FortifyData and guest speaker Erik Nost, Senior Analyst at Forrester as they discuss the improvements and evolution for risk-based vulnerability management for prioritization and remediation management. The times have changed, and technology has made it easier to get a prioritized view of cyber risks unique to an organization. Through contextualizing risks using asset classification along with vulnerability and threat intelligence data, allows teams to focus on the most serious risks to the organization. They will discuss: - The value in auto-identification of assets - Why classifying assets is fundamental - Integrating CTI to inform risk based on targeted industry and common vulnerabilities - Analysis on threat scenarios based on likelihood and business impact - Tying it all together to achieve Risk-based vulnerability management