Smart risk: prioritising what matters
73 min
About this episode
Smart risk moves beyond simply listing vulnerabilities. It is a dynamic approach that weighs asset exposure, user interactions, and the often-overlooked weaknesses in third-party tools.
Rather than trying to remediate every vulnerability, the goal is to intelligently prioritise what truly matters, based on real-time threat intelligence and a clear understanding of your most critical assets. We walk through CVSS, asset criticality, exposure, and a practical approach to risk assessment.
Episode chapters
- 00:00 Introduction
- 00:55 Origins of traditional risk classification
- 02:45 Components of CVSS
- 08:30 Setting up the right privileges and credentials
- 13:00 User interactions
- 16:00 Estimating the weakness of tools
- 21:30 Asset risk, impact and criticality
- 29:15 Remediating all vulnerabilities
- 34:15 Smart risk assessment
- 41:30 Asset exposure
- 56:10 Threat intelligence
- 1:02:00 How to approach risk assessment
- 1:04:30 An agentic approach to cybersecurity
Topics covered
- #RiskManagement
- #CVSS
- #VulnerabilityManagement
- #ThreatIntelligence
- #Prioritization