Security News > 2021 > October > A holistic approach to vulnerability management solidifies cyberdefenses
Vulnerability scanners are not enough, according to an expert who champions an all-encompassing holistic approach to vulnerability management as a means to eliminate surprises.
If that's not bad enough, there is confusion surrounding managing vulnerabilities, with most organizations depending on vulnerability scanners and some kind of policy as to when to update or patch the software/hardware.
"Multiple interpretations and definitions of Vulnerability Management exist," Schorr wrote during an email exchange with TechRepublic.
Risk management: It's a broad umbrella under which threat intelligence and incident management fall.
Those responsible for risk management can combine holistic risk management plus testing and assessment results to generate a risk profile of potential cyberattacks.
Change management: Helping those responsible for governance, risk management, and compliance manage patches, inform and guide configuration management and manage organizational changes fosters communication throughout the company.