{"id":4230,"date":"2019-08-18T05:44:33","date_gmt":"2019-08-18T05:44:33","guid":{"rendered":"https:\/\/209.235.70.100\/?p=4230"},"modified":"2020-01-04T05:44:57","modified_gmt":"2020-01-04T05:44:57","slug":"de-mystifying-security-series-vulnerability-risk-management","status":"publish","type":"post","link":"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/","title":{"rendered":"De-mystifying Security Series: Vulnerability Risk Management"},"content":{"rendered":"\n

Identifying and dealing with cybersecurity vulnerabilities is key to preventing cyberattacks – and it\u2019s generally cheaper and more effective to plug any holes rather than having to deal with a threat which has already penetrated security defenses.<\/p>\n\n\n\n

Vulnerability Risk Management (VRM)<\/strong><\/p>\n\n\n\n

Vulnerability Risk Management (VRM) describes the processes and technologies deployed to identify potential weaknesses. Specifically, vulnerabilities are potential gaps in security provisions that could be exploited to gain access to network resources.<\/p>\n\n\n\n

VRM also defines how a business responds to identified vulnerabilities. This is usually a documented process that outlines how vulnerabilities are prioritized, and the steps taken to close each gap depending on the assigned priority. Ultimately, vulnerability risk management is about preventing similar problems in future.<\/p>\n\n\n\n

Threat & Vulnerability Management \u2013 TVM<\/strong><\/p>\n\n\n\n

Extending VRM, Threat & Vulnerability Management also addresses threats<\/em>. In the context of TVM, threats describe the tools and techniques employed by cybercriminals to exploit known vulnerabilities. In some cases, threats also relate to accidental<\/em>exploits that result in similar outcomes \u2013 loss or damage to network assets.<\/p>\n\n\n\n

TVM also covers management of threats and vulnerabilities, detailing how an organization identifies and responds to both. Identified threats and vulnerabilities are prioritized and patched according to a documented procedure agreed by IT management, with a view to protecting network assets and the rest of the business.<\/p>\n\n\n\n

Continuous Adaptive Risk and Trust Assessment \u2013 CARTA<\/strong><\/p>\n\n\n\n

At the most basic level, Continuous Adaptive Risk and Trust Assessment (CARTA) is a new approach to managing risk. The CARTA methodology is intended to help businesses deploy security safeguards that keeps pace with developments in technology and cybersecurity.<\/p>\n\n\n\n

A CARTA-based strategy is built on the assumption that all systems and applications have already been compromised. CARTA operates against a comprehensive asset inventory. Each asset is continuously monitored and assessed for risk, providing early warning of potential breaches and to establish trust that the system in question has not been breached.<\/p>\n\n\n\n

How Navisite can assist<\/strong><\/p>\n\n\n\n

Navisite partners with leading providers like Kenna Security, Bitsight, Alert Logic, and leading scanning providers (e.g. Qualys) to provide vulnerability risk management and continuous compliance for its clients. Navisite\u2019s deep bench of vulnerability management specialists\u2019 leverage our partner platform solutions to provide \u2018outside-in\u2019 and \u2018inside-out\u2019 visibility into the security posture of our clients. Proactively, our approach enables detection of risk, expert prioritization, and smart remediation of assets and continuous compliance across multi-cloud environments.<\/p>\n\n\n\n

To learn more about VRM, what it means for your business, and how Navisite can help, please get in touch<\/a>. For more information on cloud security click here<\/a> or call (888) 298-8222.<\/p>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":114,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"acf":[],"yoast_head":"\nDe-mystifying Security Series: Vulnerability Risk Management - Navisite<\/title>\n<meta name=\"description\" content=\"Identifying and dealing with cybersecurity vulnerabilities is key to preventing cyberattacks - and it\u2019s generally cheaper and more effective to plug any\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"De-mystifying Security Series: Vulnerability Risk Management\" \/>\n<meta property=\"og:description\" content=\"Identifying and dealing with cybersecurity vulnerabilities is key to preventing cyberattacks - and it\u2019s generally cheaper and more effective to plug any\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/\" \/>\n<meta property=\"og:site_name\" content=\"Navisite\" \/>\n<meta property=\"article:published_time\" content=\"2019-08-18T05:44:33+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-01-04T05:44:57+00:00\" \/>\n<meta name=\"author\" content=\"Megan Ferringer\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@navisite\" \/>\n<meta name=\"twitter:site\" content=\"@navisite\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Megan Ferringer\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/\"},\"author\":{\"name\":\"Megan Ferringer\",\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/person\/99bad6e33cc6d3ac27337400026e4a9f\"},\"headline\":\"De-mystifying Security Series: Vulnerability Risk Management\",\"datePublished\":\"2019-08-18T05:44:33+00:00\",\"dateModified\":\"2020-01-04T05:44:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/\"},\"wordCount\":437,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.navisite.com\/#organization\"},\"articleSection\":[\"Blog\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/\",\"url\":\"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/\",\"name\":\"De-mystifying Security Series: Vulnerability Risk Management - Navisite\",\"isPartOf\":{\"@id\":\"https:\/\/www.navisite.com\/#website\"},\"datePublished\":\"2019-08-18T05:44:33+00:00\",\"dateModified\":\"2020-01-04T05:44:57+00:00\",\"description\":\"Identifying and dealing with cybersecurity vulnerabilities is key to preventing cyberattacks - and it\u2019s generally cheaper and more effective to plug any\",\"breadcrumb\":{\"@id\":\"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.navisite.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"De-mystifying Security Series: Vulnerability Risk Management\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.navisite.com\/#website\",\"url\":\"https:\/\/www.navisite.com\/\",\"name\":\"Navisite\",\"description\":\"Elevate Your Cloud Journey\",\"publisher\":{\"@id\":\"https:\/\/www.navisite.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.navisite.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.navisite.com\/#organization\",\"name\":\"Navisite\",\"url\":\"https:\/\/www.navisite.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.navisite.com\/wp-content\/uploads\/2020\/02\/logo.svg\",\"contentUrl\":\"https:\/\/www.navisite.com\/wp-content\/uploads\/2020\/02\/logo.svg\",\"width\":1,\"height\":1,\"caption\":\"Navisite\"},\"image\":{\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/twitter.com\/navisite\",\"https:\/\/www.instagram.com\/navisite\/\",\"https:\/\/www.linkedin.com\/company\/navisite\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/person\/99bad6e33cc6d3ac27337400026e4a9f\",\"name\":\"Megan Ferringer\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.navisite.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.navisite.com\/wp-content\/uploads\/2021\/02\/IMG-0529-150x150.jpg\",\"contentUrl\":\"https:\/\/www.navisite.com\/wp-content\/uploads\/2021\/02\/IMG-0529-150x150.jpg\",\"caption\":\"Megan Ferringer\"},\"description\":\"Megan is the Content Marketing Manager at Navisite with more than 10 years of experience helping brands discover and tell their stories. From working at a global non-profit organization to boutique marketing agencies in Chicago, she champions the power of storytelling across all industries.\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"De-mystifying Security Series: Vulnerability Risk Management - Navisite","description":"Identifying and dealing with cybersecurity vulnerabilities is key to preventing cyberattacks - and it\u2019s generally cheaper and more effective to plug any","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/","og_locale":"en_US","og_type":"article","og_title":"De-mystifying Security Series: Vulnerability Risk Management","og_description":"Identifying and dealing with cybersecurity vulnerabilities is key to preventing cyberattacks - and it\u2019s generally cheaper and more effective to plug any","og_url":"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/","og_site_name":"Navisite","article_published_time":"2019-08-18T05:44:33+00:00","article_modified_time":"2020-01-04T05:44:57+00:00","author":"Megan Ferringer","twitter_card":"summary_large_image","twitter_creator":"@navisite","twitter_site":"@navisite","twitter_misc":{"Written by":"Megan Ferringer","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/#article","isPartOf":{"@id":"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/"},"author":{"name":"Megan Ferringer","@id":"https:\/\/www.navisite.com\/#\/schema\/person\/99bad6e33cc6d3ac27337400026e4a9f"},"headline":"De-mystifying Security Series: Vulnerability Risk Management","datePublished":"2019-08-18T05:44:33+00:00","dateModified":"2020-01-04T05:44:57+00:00","mainEntityOfPage":{"@id":"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/"},"wordCount":437,"commentCount":0,"publisher":{"@id":"https:\/\/www.navisite.com\/#organization"},"articleSection":["Blog"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/","url":"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/","name":"De-mystifying Security Series: Vulnerability Risk Management - Navisite","isPartOf":{"@id":"https:\/\/www.navisite.com\/#website"},"datePublished":"2019-08-18T05:44:33+00:00","dateModified":"2020-01-04T05:44:57+00:00","description":"Identifying and dealing with cybersecurity vulnerabilities is key to preventing cyberattacks - and it\u2019s generally cheaper and more effective to plug any","breadcrumb":{"@id":"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.navisite.com\/blog\/de-mystifying-security-series-vulnerability-risk-management\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.navisite.com\/"},{"@type":"ListItem","position":2,"name":"De-mystifying Security Series: Vulnerability Risk Management"}]},{"@type":"WebSite","@id":"https:\/\/www.navisite.com\/#website","url":"https:\/\/www.navisite.com\/","name":"Navisite","description":"Elevate Your Cloud Journey","publisher":{"@id":"https:\/\/www.navisite.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.navisite.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.navisite.com\/#organization","name":"Navisite","url":"https:\/\/www.navisite.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.navisite.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.navisite.com\/wp-content\/uploads\/2020\/02\/logo.svg","contentUrl":"https:\/\/www.navisite.com\/wp-content\/uploads\/2020\/02\/logo.svg","width":1,"height":1,"caption":"Navisite"},"image":{"@id":"https:\/\/www.navisite.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/twitter.com\/navisite","https:\/\/www.instagram.com\/navisite\/","https:\/\/www.linkedin.com\/company\/navisite"]},{"@type":"Person","@id":"https:\/\/www.navisite.com\/#\/schema\/person\/99bad6e33cc6d3ac27337400026e4a9f","name":"Megan Ferringer","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.navisite.com\/#\/schema\/person\/image\/","url":"https:\/\/www.navisite.com\/wp-content\/uploads\/2021\/02\/IMG-0529-150x150.jpg","contentUrl":"https:\/\/www.navisite.com\/wp-content\/uploads\/2021\/02\/IMG-0529-150x150.jpg","caption":"Megan Ferringer"},"description":"Megan is the Content Marketing Manager at Navisite with more than 10 years of experience helping brands discover and tell their stories. From working at a global non-profit organization to boutique marketing agencies in Chicago, she champions the power of storytelling across all industries."}]}},"publishpress_future_action":{"enabled":false,"date":"1970-01-01 00:00:00","action":"","terms":[],"taxonomy":"","browser_timezone_offset":0},"_links":{"self":[{"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/posts\/4230"}],"collection":[{"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/users\/114"}],"replies":[{"embeddable":true,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/comments?post=4230"}],"version-history":[{"count":0,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/posts\/4230\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/media?parent=4230"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/categories?post=4230"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.navisite.com\/wp-json\/wp\/v2\/tags?post=4230"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}