Orgs are pushing for advanced threat protection (ATP) for ransomware / malware / phishing risk management. However, orgs should not skip over engaging in traditional TVM to respond to these new threats.
The reason is that patching & config baselines are a true benchmark that hackers use to fingerprint / profile orgs & their environments. Also, the time needed to remediate these findings is considerable for most orgs, as is tuning ATP products & svcs.
In an optimal, utopian world, orgs would have budget & resources for both, but w/ limited resources orgs should focus on following the fundamentals.
Finally, orgs need TVM before a SIEM / SOC / MSSP too.
No comments:
Post a Comment