Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. This week, we look back on some highlights from the first couple of months of posts, including the broad view exposure management provides, business impact and getting to a single pane of glass. You can read the entire Exposure Management Academy series here.
Since we started the Exposure Management Academy in March, we’ve covered a range of topics with contributions from many of Tenable’s industry experts. In this post, we look at a few of the highlights, focusing on the work of three Tenable thought leaders: information security engineer Arnie Cabral, CSO Robert Huber and CIO Patricia Grant.
Exposure management provides a broader view
If you’re wondering about exposure management, you should pay attention to Arnie Cabral. He’s on the front lines as we move to exposure management internally. Cabral wrote that Tenable’s shift began with a simple realization.
“We knew that, although it is critical to modern cybersecurity, vulnerability management alone doesn’t provide a complete picture of cyber risk,” he wrote. He added that traditional vulnerability management involves scanning assets for known vulnerabilities and remediating them based on severity scores.
“However, true security risk management requires a broader view that includes misconfigurations, attack surface visibility and real-time threat intelligence,” he wrote.
To get going, he reframed existing policies to align with the new approach. This wasn’t just a matter of editing the text, he noted.
“Instead, we redefined our objectives and transformed our policies to ensure alignment with emerging risk-based exposure management frameworks,” he wrote.
Read all of Arnie’s post: What it Takes to Start the Exposure Management Journey.
It’s all about business impact
With a quarter century in cybersecurity, Robert Huber has the perspective it tak
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: