The Problem with Cybersecurity Is Not Just Hackers—It's How We Measure Risk

Rich Seiersen, Chief Risk Technology Officer at Qualys, emphasizes that traditional cybersecurity metrics often fail to influence decision-making. In a recent workshop, he advised senior executives and CISOs to focus on risk and resilience rather than accumulating endless threat data. Drawing from his experience at Kaiser Permanente, Seiersen highlighted the overwhelming nature of numerous vulnerability reports and the necessity of prioritizing what truly impacts the business. He advocates for a shift towards metrics that directly inform strategic decisions, ensuring that security efforts align with organizational goals and effectively mitigate risks. 

https://www.intelligentciso.com/2025/09/29/the-problem-with-cybersecurity-is-not-just-hackers-its-how-we-measure-risk/
