It is a boring part of the IT security landscape but “Common Vulnerabilities and Exposures” (CVEs), are a key area within the patch management strategies. IT leaders need to understand the importance, Security Week argues, when considering patch update pathways. Vulnerabilities could be attached at any moment. Therefore, identifying and actioning these vulnerabilities through pro-active patch management strategies can help to secure IT estates from invasive cyber threats and attacks. Security Week highlights the importance of Business Risk Intelligence to help inform IT leaders about the potential risks in order to make more informed decisions.
However, Security Week argues that there are risks involved in dovetailing the BRI and the CVE in order to better understand risk. The CVE score system is often incorrectly linked to business risk when in fact BRI is the best calculation of risk within a business – and their IT estate