Standards, Regulations & Compliance
Which Threats Should CISOs Address Now?
Kevin Flynn of Skybox Security on Setting PrioritiesThe notion of patching the most critical vulnerabilities is outdated and ineffective thanks to today's black market for exploit kits, says Kevin Flynn of Skybox Security. Evaluating the exposure and context of holes in your organization is crucial to shoring up defenses, he says.
Crimeware as a service enables criminals to purchase multiple types of exploit kits at varying price levels for different kinds of attacks.
"The threat landscape now includes the notions of something that is very distributed," Flynn says. "The attacks have become very broad based. They're not just going after the zero day vulnerabilities."
In an interview at Information Security Media Group's New York City Fraud and Breach Summit, where Flynn was a featured speaker, he also discusses:
- The key factors for determining which threats to address first;
- How to utilize insights from the dark web;
- Suggestions for prioritizing which vulnerabilities need your attention.
Flynn is global director of products at Skybox Security. Previously, he was director of product marketing at Blue Coat Systems. He has more than 25 years of experience in high tech and has been involved in cybersecurity technologies for more than a decade.