18 January 2016
In the 11 January issue of the Cyber Intelligencer Invincea’s COO Norm Laudermilch talks about the difficulties in evaluating the effectiveness of endpoint security products:
‘The key is to understand what part of the threat landscape a product covers, the scope of the protection, the efficacy of that protection, and how it fits with the rest of your security and IT architecture.’
Very well said! But it is important to take the next step: Once you have conducted this evaluation the sum of all gaps or the residual risk could be grasped.
In my opinion this is the most important information. It shows the critical vulnerabilities and, when related to the current overall threat landscape, the direction for further investments. A CISO is well advised to do this matching regularly.
Have a good day.