Join Kenna on April 24 To Learn How Security Pros Can Accurately Report Their Organization’s Risk Posture to the Board and Increase Confidence with Exploit Prediction

Apr 12, 2018
Jeff Aboud

Share with Your Network

As cybersecurity professionals, we all know how frustrating it can be when you feel like you’re fighting attackers on your heels with one hand tied behind your back. The sheer volume of security data makes manually finding, analyzing, prioritizing, and remediating vulnerabilities a Herculean effort that just isn’t humanly possible even for large security teams. There’s just too much data coming in too fast to gain the upper hand.

“Let’s face it, well-intentioned security teams are being buried by data today,” said Jon Oltsik, senior principal analyst at Enterprise Strategy Group. “They go through heroic efforts and do what they can, but there is an obvious and logical outcome here: As security data volume grows, security professionals will be able to derive only an incremental amount of value.”

Fortunately, there is a better way. By implementing an evolved approach to cybersecurity that takes advantage of critical technological advances in areas such as machine learning and automation, CISOs and security leaders can arm their teams with the tools and tactics they need to effectively understand their organization’s overall risk, and communicate the impacts of their improved remediation efforts up to the board.

Reporting your organization’s risk posture to the board shouldn’t be a scary; it should be an ongoing opportunity for bilateral communication that helps drive your security strategy. Fully understanding their perspectives, priorities, and biases paves the way for valuable partnership between security executives and members of the board.

To learn how to implement this game-changing approach, I’d like to invite you join our webinar on Reporting Risk Posture to the Board: How to Increase Confidence with Exploit Prediction, as part of BrightTALK’s Economics of Cybersecurity Summit.

I’ll be joined by Kenna’s Jonathan Cran, head of research and Jerry Gamblin, principal security engineer.

In this session we will discuss how to:

  1. Define what “just enough security” means to your business
  • Understand the resources and roadmap for the business
  • Ensure team members understand and buy into the priorities
  • Understand how to partner with your business executives


  1.  Prioritize based on bottom line impact
  • Know which systems drive business value
  • Partner with the business and the board to drive prioritization
  • Build a risk burndown or “time to green” plan


  1. Report risk and manage incidents with the C-level and board
  • Define regular communication with your board
  • Partner cross-functionally with legal teams
  • Manage crisis communication and how to avoid going “end-of-the-world”


The webinar will take place on April 24 at 1:00PM PT/4:00PM ET, so reserve your place today!

Click here to register for the webinar.

Read the Latest Content

Research Reports

Prioritization to Prediction Volume 5: In Search of Assets at Risk

The fifth volume of the P2P series explores the vulnerability risk landscape by looking at how enterprises often view vulnerabilities.

5 Things Every CIO Should Know About Vulnerability Management

If you view vulnerability management (VM) as just a small part of your operation, it might be time to take another look.  Managing vulnerabilities is...



Get Started Using the Exploit Prediction Scoring System (EPSS).

Cyentia Institute’s Chief Data Scientist and Founder Jay Jacobs gives tips on how to get started using the Exploit Prediction Scoring System (EPSS). You...

© 2022 Kenna Security. All Rights Reserved. Privacy Policy.