Exposure Prioritization: A Key Element For Proactive Threat Defense


Why is it so hard to prioritize potential vulnerabilities? And what can we do about it? Let’s take a closer look.

Manoj Srivastava is Chief Technology and Product Officer at Blackpoint, where he leads technology, product management and product marketing.

Ask people to define “cybersecurity,” and most will describe the reactive phases of the threat life cycle, detecting and remediating active threats. Although these capabilities are essential, this is like defining “healthcare” solely by what happens in the emergency room.

Yes, being able to quickly diagnose a heart attack and get patients into surgery is crucial, but it’s just one part of overall care. Others are just as important, like promoting healthy habits to avoid acute emergencies. Help patients control their blood pressure, practice good nutrition and get regular checkups, and they’ll have better baseline health—and fewer trips to the ER.



In cybersecurity, exposure management works similarly. Making an ongoing effort to fix vulnerabilities in your environment before they’re exploited is just good cyber hygiene. According to the IBM Cost of a Data Breach Report, the average cost of a breach climbed to $4.88 million last year, the highest ever recorded. Yet, organizations that take more proactive steps to understand their vulnerabilities can expect fewer breaches and lower costs. A Gartner researcher recommends building a continuous threat exposure management (CTEM) program to proactively discover, profile and prioritize security investments around those threats most likely to target your business.

The researcher states that “by 2026, organizations that prioritize their security investments based on a continuous exposure management program will be 3x less likely to suffer a breach.” It’s the “prioritization” part of exposure management, though—ranking security risks based on their potential impact and likelihood of being exploited—that challenges organizations most. Why is it so hard to prioritize potential vulnerabilities? And what can we do about it? Let’s take a closer look.

You don’t have to be a cybersecurity expert to see the wisdom in focusing on the vulnerabilities that pose the greatest risk to your business. And the context needed to identify those threats—like which vulnerabilities were previously exploited in your environment and which systems are still vulnerable—is already in your possession. So, it should be straightforward to apply that context to exposure management, shouldn’t it? Unfortunately, this isn’t the case.

Connecting the dots between past and future and reactive and proactive defenses can be immensely difficult, especially for midsize enterprises and the managed detection and response (MDR) partners supporting them. The problem stems from how modern security solutions are designed and how the industry itself has evolved. Start with fragmented tooling.

There’s now an incredible range of tools to combat every type of threat. The problem is that many are so specialized, they require extensive subject matter expertise to use effectively—a tall order given that 53% of organizations already face a shortage of skilled security workers. Worse, many of those disparate tool sets don’t share information, leaving organizations that want to understand the big picture to synthesize them on their own.

For example, you can buy a scanning tool to detect software vulnerabilities in your environment, but it won’t necessarily integrate with the detection and response (xDR) tools that identify breaches caused by them. Those tool sets may even be owned by two different teams: one focused on proactively managing vulnerabilities and the other on remediating active threats. So, it’s still up to human analysts to connect the dots.

The same challenges apply to cybersecurity data. In theory, information from reactive defenses should provide key context for threat prevention. Say your security operations center (SOC) fixes a compromise that exploited a software vulnerability on a particular endpoint.

That reactive event should immediately trigger a proactive effort to find other endpoints with the same vulnerability. But the information needed to do that is often scattered across multiple siloed datastores associated with different tools and teams. Finally, there’s the nonstop firehose of alerts from this ever-growing collection of security tools, making it harder for overburdened analysts to surface the highest-priority threats.

Say your industry-standard threat intelligence feed reports an unpatched vulnerability but classifies it as low-risk, meaning you can focus your attention elsewhere. Well, what if that vulnerability was exploited in your environment three months ago? Should you treat that alert differently? Does the person making that call even know about the previous exposure, or was it handled by a different team using different tools? Exposure prioritization is hard because it’s inherently customized. To do it well, you (or your MDR partner) need ready access to all relevant context for your specific organization and the ability to apply that context on a case-by-case basis.
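The two situations described above (a remediated compromise that should trigger a search for other endpoints carrying the same vulnerability, and a feed-rated "low" vulnerability that was exploited locally a few months ago) come down to joining three data sets that usually live in different tools: scan findings, the threat-intelligence rating, and the SOC's incident history. The following is an added illustration written for this page, not Blackpoint's or any vendor's code; the endpoints, vulnerability ids, dates and weights are constructed placeholders, and the scoring rule is a simple assumption chosen so that local exploitation outweighs the feed's severity rating.

```python
from datetime import date

# Constructed sample data: endpoint names and vulnerability ids are placeholders.
SCAN_FINDINGS = [            # (endpoint, vulnerability id) reported by the scanning tool
    ("ws-01", "VULN-A"),
    ("ws-02", "VULN-A"),
    ("srv-01", "VULN-A"),
    ("srv-01", "VULN-B"),
    ("ws-03", "VULN-C"),
]
INTEL_SEVERITY = {"VULN-A": "low", "VULN-B": "critical", "VULN-C": "medium"}  # feed rating
INCIDENTS = [                # compromises the SOC already remediated
    {"endpoint": "ws-01", "vuln": "VULN-A", "closed": date(2024, 3, 1)},
]
SEVERITY_WEIGHT = {"low": 1, "medium": 2, "high": 3, "critical": 4}  # assumed scale


def locally_exploited(incidents, today, lookback_days=180):
    """Vulnerability ids seen exploited in this environment within the lookback window."""
    return {i["vuln"] for i in incidents if (today - i["closed"]).days <= lookback_days}


def still_exposed(findings, incident):
    """Other endpoints that still carry the vulnerability behind a remediated incident.

    This is the proactive follow-up to a reactive event: one host was fixed,
    which hosts are next in line for the same exploit?
    """
    return sorted(h for h, v in findings if v == incident["vuln"] and h != incident["endpoint"])


def prioritize(findings, intel, incidents, today, lookback_days=180):
    """Rank exposures by feed severity plus local context.

    Assumed rule: 10 points per severity step, +50 if exploited here within the
    lookback window, +1 per affected endpoint. Returns (vuln, score, endpoints,
    reasons) tuples, highest score first.
    """
    exploited = locally_exploited(incidents, today, lookback_days)
    endpoints_by_vuln = {}
    for host, vuln in findings:
        endpoints_by_vuln.setdefault(vuln, set()).add(host)

    ranked = []
    for vuln, hosts in endpoints_by_vuln.items():
        severity = intel.get(vuln, "medium")  # unknown to the feed: do not silently drop it
        score = 10 * SEVERITY_WEIGHT[severity] + len(hosts)
        reasons = [f"feed severity {severity}", f"{len(hosts)} endpoint(s) affected"]
        if vuln in exploited:
            score += 50
            reasons.append(f"exploited here within the last {lookback_days} days")
        ranked.append((vuln, score, sorted(hosts), reasons))

    return sorted(ranked, key=lambda r: (-r[1], r[0]))


if __name__ == "__main__":
    today = date(2024, 6, 1)
    for vuln, score, hosts, reasons in prioritize(SCAN_FINDINGS, INTEL_SEVERITY, INCIDENTS, today):
        print(f"{vuln:8} score={score:3}  {hosts}  ({'; '.join(reasons)})")
    print("still exposed after the ws-01 incident:", still_exposed(SCAN_FINDINGS, INCIDENTS[0]))
```

With the sample data, VULN-A is rated "low" by the feed yet lands at the top of the list because it was exploited on ws-01 three months earlier and two other endpoints still carry it; shorten the lookback window (or remove the incident record, which is what happens when that history sits in another team's tool) and the feed's "critical" VULN-B takes first place instead. That swing is the point the article makes: the ranking is only as good as the context the prioritizing analyst can actually see.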

Given the ever-evolving threat landscape and fragmented security tools and data, it's no wonder many businesses struggle. We can solve this problem, but we’ll need to think differently about cybersecurity. As an industry, we need to stop treating threat defense as a collection of disparate detection and prevention tools and instead focus on managing the overall security posture for our customers.

We should also give businesses and their MDR partners a way to understand and manage security posture from a single, unified platform. By adopting a platform-based approach to cybersecurity, organizations can still use best-of-breed tools. Only now, those tools feed into a universal framework that spans both reactive and proactive defenses.

Equally important, all an organization’s contextual data from its various tool sets can also now be accessed from one place. This means it’s now possible to capture the business’ overall security posture at any given moment in a single rating or score—a valuable capability when advocating for new investment or demonstrating how the business’ posture has changed over time. A platform-based approach also makes it easier to assess and prioritize exposures because reactive and proactive capabilities now function within a self-perpetuating cycle.

Insights gleaned from yesterday’s reactive interventions can automatically inform today’s preventative exposure prioritization, which in turn enables faster triage and remediation tomorrow. These kinds of ongoing, context-driven interconnections across the threat life cycle translate to stronger overall security and significant savings. Like the patient who eats right, exercises and never misses a checkup, your proactive cybersecurity efforts won’t guarantee you’ll never have a breach.

But they’ll stop many of the biggest threats before they ever have a chance to disrupt your business.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives.