You Must Understand the Business Function of Digital Assets
- To have effective risk management, there need to be standards around how risks are identified, how they’re ranked, and how they are either accepted or remediated.
- As you move to more automated, AI-driven tools for vulnerability scanning and analysis, you need to have a solid vulnerability-management program in place.
“When you get to a place where machines can do it, it becomes feasible for a company to start moving toward continuous vulnerability testing and automating the prioritization of remediation.”
John Trujillo believes vulnerability and risk management for digital assets is part of a larger business challenge. “If I lose a system to a physical event or I lose a system to a logical attack, the business ultimately doesn’t care. In the aggregate, you need a comprehensive risk assessment and management program, of which security is a critical component.”