How to Show Business Benefit by Moving to Risk-Based Vulnerability Management



Vulnerabilities are relentless and exploited by targeted attacks faster than ever with damaging results to business. Study after study shows that most successful attacks exploit well known vulnerabilities with existing patches. Most businesses already do some form of vulnerability scanning but for many, time to remediate has not gone down. Yet some organization have broken out of this pattern—how have they done it?

 

 

One of the key difference makers has been evolving to risk-based vulnerability management. IT operations resources and change windows are scarce resources. Mature, risk-based vulnerability management incorporates fresh and accurate asset inventory and criticality identification, active threat intelligence and automation support to prioritize the most business-critical risks and focus resources on fixing the most business-damaging exposures first.

 

 

This webcast will help security managers determine their current vulnerability management baseline using a SANS-developed set of RBVM patterns. From there, SANS Director of Emerging Trends John Pescatore and a representative from Tenable will explore:

 

  

 

    • How to do a gap analysis to choose proven approaches for moving to RBVM

  

    • Selection criteria for evaluating products and vendor

  

    • Lessons learned for reducing time to mitigate and showing business benefit

 

  

Register today and be among the first to receive the associated whitepaper written by John Pescatore.

Speaker and Presenter Information

John Pescatore

 

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, running consulting groups at Trusted Information Systems and Entrust, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and surveillance systems and "the occasional ballistic armor installation." John has testified before Congress about cybersecurity, was named one of the 15 most-influential people in security in 2008 and is an NSA-certified cryptologic engineer.

 

Nathan Wenzler

 

Tenable Chief Security Strategist Nathan Wenzler has more than two decades of experience designing, implementing and managing both technical and non-technical security solutions for IT and information security organizations. He has helped government agencies and Fortune 1000 companies alike build new information security programs from scratch, as well as improve and broaden existing programs with a focus on process, workflow and risk management.

Relevant Government Agencies

GSA, Federal Government, State & Local Government


    Event Type
    Webcast


    This event has no exhibitor/sponsor opportunities


    When
    Tue, Aug 11, 2020, 2:00pm - 3:00pm ET


    Cost
    Complimentary:    $ 0.00


    Website
    Click here to visit event website


    Event Sponsors

    tenable


    Organizer
    SANS


    Contact Event Organizer



    Return to search results