Skip to content

The proactive approach helps to reduce the number of incidents

cisco interview

With digitalization, the amount of software being introduced into the market is increasing exponentially, and so are the number of vulnerabilities. This leads to security teams facing a tidal wave of known vulnerabilities while IT teams are being crushed by the demand to patch it all. 

Samir Aliyev, CEO and Founder of the Swiss Cyber Institute, recently had the opportunity to speak with Wolfgang Roelz, Cybersecurity Specialist at Cisco, a worldwide leader in networking and cyber security. Wolfgang shared his insights on the remediation efforts to lessen exposure to an attack, vulnerability prioritization and intelligence, and the best cloud vulnerability management practices.

SA: Considering organizational resources are limited, to which extent is it important to prioritize which vulnerabilities to address? 

WR: It’s even more important to use the limited available resources as efficiently as possible. With prioritization, companies can focus first on vulnerabilities that have the highest risk to their company and predict with confidence whether a new vulnerability poses a specific risk immediately. 

SA: It can be challenging to figure out where to focus remediation efforts to lessen exposure to an attack. In such a situation, what would be the best remediation approach? 

WR: With prioritization of vulnerabilities based on exploitability, companies can focus on remediating vulnerabilities exposing the organization to real-world threats. This proactive approach helps to reduce the number of incidents that need to be remediated.  

SA: Common vulnerability prioritization processes are usually based on one-dimensional metrics that fail to tackle risk in real-time. Can we say that risk-based vulnerability prioritization is the solution? 

WR: Risk-based vulnerability prioritization, with more dimensions, considering more than just two or three available threat intelligence sources, in combination with data science, improves the effectiveness of vulnerability management.  

SA: How can organizations ensure they do not rely on incomplete vulnerability intelligence, so they are aware of all known risks? 

WR: Using machine learning and data science, Kenna processes and analyses 18+ threat and exploit intelligence feeds, creates its own exploit intelligence, and manages 12.7+ billion vulnerabilities for customers. This provides a comprehensive view of all known vulnerabilities and their real-world exploitability and risk.

SA: What are the best cloud vulnerability management practices beyond, for instance, comprehensive vulnerability scanning and regular pen tests? 

WR: Uncovering vulnerabilities within cloud environments is as important as it is for private deployments. Kenna’s SaaS aggregates all vulnerability data to holistically show the customer’s security and IT teams the real risk of every vulnerability that’s been detected by network and application scanners, pen-testing tools, and bug bounty programs.