Last week, we hosted our fifth semi-annual CyberRisk Summit, a free and virtual event bringing together some of the industry’s leading practitioners to share their knowledge and expertise when it comes to improving security posture. You can watch the full recording here.
This most recent event featured an industry case study from PurpleSec, and showcased some of the latest features in the Vulcan Cyber risk management platform. Here are some of the highlights from the event:
1. A brave new world for cyber risk management
Today’s cyber risk landscape is a sprawling mess of new attack vectors and scanners being introduced to tackle them, not to mention the growing number of teams involved in mitigating the threat. 2023 will see more of the same, with malware, remote code execution, and supply-chain risks on the rise especially. Organizations must embrace data correlation and vendor consolidation before things spiral out of their hands.
2. Leveraging the MITRE ATT&CK framework
Mitre’s ATT&CK matrix details the common techniques employed by attackers to access systems and data. Through the work of Voyager18, these techniques have been mapped to relevant CVEs to help organizations align their vulnerability and risk management framework to the most relevant threats they face. In addition to the free tool, Vulcan Cyber customers can also take full use of the team’s research, built into the Vulcan Cyber platform.
3. Faster, smarter, better – the ROI of Risk-based vulnerability management
Vulnerability management is an expensive and complicated process. Attackers are lurking, and practitioners are in a constant battle to stay ahead of the curve. Together with Vulcan Cyber, PurpleSec’s risk-based vulnerability management helped reduce the mean time to remediation (MTTR) for a well known US travel organization by over 7% – a big win for the security team.
4. Meeting the compliance challenge
Implementing a risk-based vulnerability management strategy is a crucial component of complying with many industry standards. But vulnerability compliance may be inefficient and expensive without the proper solution in place. With vulnerability analysis, remediation workflows, compliance dashboards and reporting capabilities, the Vulcan Cyber platform can be quickly setup to support ongoing compliance efforts for NIST, GDPR, PCI DSS, HIPPA, and more.
Stay tuned for the next event
The CyberRisk Summit will be back in May 2023. In the meantime, take a moment to explore some of our most recent resources:
- Cyber risk in 2022: A 360° view
- Threat intelligence frameworks in 2022
- Vulnerability management 2022 – maturity, automation and more
- Exploit maturity: an introduction
- The real cost of a data breach (according to IBM)