I recently became a SecurityWeek contributor and I encourage you to check out my second article, Three Mistakes Companies Make When it Comes to Vulnerability Management. In security circles, “vulnerability management” is often considered a quick and easy path to threat remediation. If you mention it to prospects, they will almost certainly tell you, predictably and definitively, they are already doing it.
Unfortunately, most of these companies are not actually managing vulnerabilities, but rather conducting scans that produce thousands of potential threats. It’s important to recognize the difference between identifying possible security risks and actually managing them through to remediation. Because distinguishing the hype from reality of vulnerability management can be confusing and difficult, I’ve come up with a quick and simple self-assessment, and outlined three common management mistakes you could be making.
To evaluate where your organization stands on this issue, check out the full article here