Asset-Based vs. Threat-Based Risk Management

Asset-Based vs. Threat-Based Risk Management 

 

Asset-Based vs. Threat-Based Risk Management

Asset-based risk management focuses your vulnerability efforts on the most critical systems – those most valuable to the enterprise while a threat-based approach focuses instead on the vulnerabilities most likely to be exploited.  Are these mutually exclusive?  And what about the recent ransomware attacks that typically leveraged low-value systems with easy-to-exploit vulnerabilities? 

This video explores these two approaches and gives some ideas on how to use both techniques together in your overall strategy.