John Trujillo, AVP, Technology, Pacific Life Insurance Company

You Must Understand the Business Function of Digital Assets

  • To have effective risk management, there need to be standards around how risks are identified, how they’re ranked, and how they are either accepted or remediated.
  • As you move to more automated, AI-driven tools for vulnerability scanning and analysis, you need to have a solid vulnerability-management program in place.

“When you get to a place where machines can do it, it becomes feasible for a company to start moving toward continuous vulnerability testing and automating the prioritization of remediation.”

John Trujillo believes vulnerability and risk management for digital assets is part of a larger business challenge. “If I lose a system to a physical event or I lose a system to a logical attack, the business ultimately doesn’t care. In the aggregate, you need a comprehensive risk assessment and management program, of which security is a critical component.”

This is an excerpt from 7 Experts on Threat and Vulnerability Management. The eBook was generously sponsored by RiskSense.