The Problem with Cybersecurity Is Not Just Hackers—It's How We Measure Risk
Rich Seiersen, Chief Risk Technology Officer at Qualys, emphasizes that traditional cybersecurity metrics often fail to influence decision-making. In a recent workshop, he advised senior executives and CISOs to focus on risk and resilience rather than accumulating endless threat data. Drawing from his experience at Kaiser Permanente, Seiersen highlighted the overwhelming nature of numerous vulnerability reports and the necessity of prioritizing what truly impacts the business. He advocates for a shift towards metrics that directly inform strategic decisions, ensuring that security efforts align with organizational goals and effectively mitigate risks.
Comments
Post a Comment