Using Data to Make Smarter Cybersecurity Risk Decisions

By Stephen Roostan, VP EMEA at Kenna Security

Today’s cybersecurity teams are faced with an unprecedented number of decisions on a daily basis. To keep the enterprise and its data secure, they need to prioritise which vulnerabilities to fix first. No easy task when up to 18,000 new vulnerabilities are identified each year, adding to the millions already documented.

Little wonder that security and IT teams are regularly at loggerheads over what’s most important to patch? Is it the Zerologon vulnerability that compromises Microsoft’s NetLogon protocol, or or the 10-year old Baron Samedit bug that impacts the Linux ecosystem? That’s a difficult question for many organisations to answer.

This is why a growing number of organisations are turning to data science to enable more effective security decisions – decisions which also optimise the best use of available manpower and defence resources.  However, while taking a data-driven approach to decision-making proves a game-changer where cybersecurity is concerned, the problem is that most security practitioners aren’t data scientists.

So simply throwing a mass of data at these teams isn’t going to help them to act any more effectively or empower them to make better, smarter decisions.

The problem with data and cybersecurity

Most enterprise security teams are already drowning in a sea of sensor and scanner data that needs to be manually correlated, analysed, and interpreted. No easy task when you take into account the growing volumes of vulnerability data and the increasing complexity of today’s enterprise IT environments.

For security teams, getting their heads around all this data to gain appropriate and actionable insights is almost impossible. Typically, analysts spend huge amounts of time producing Excel- spreadsheets for remediation teams which contain thousands of so-called ‘critical’ vulnerabilities. Not only is the list long, it provides little indication of where they should begin their efforts.

All this highlights some of the practical realities of dealing with large data sets. Ultimately, making the right business decision is dependent on the quality of data gathered, how quickly it can be aggregated, and the effectiveness of its analysis and interpretation. Without a quantitative understanding of their own organisation’s individual risk, IT and security teams will be unable to confidently identify and prioritise which vulnerabilities pose the biggest threat to their enterprise.

Turning data into value-add and actionable insights

To address the data overload, security teams are adopting advances in machine learning and automation that eliminate the time and effort involved in cleaning and correlating data for routine analysis. Freed from these onerous tasks, security teams are now able to share intelligence they have gathered on the most high-risk vulnerabilities to their colleagues in IT and DevOps, so they’ll understand what to fix, how to fix it and why it’s a priority.

This isn’t the only change on the horizon. Security teams are also finding new ways to harness threat intelligence in real-time. This includes using predictive modelling solutions, featuring supervised machine learning algorithms, that can analyse a vulnerability the moment it is published and determine the likelihood of it being exploited in their environment.

Combined, these capabilities make it possible for security teams to evolve beyond proactive cyber risk management to embark on a predictive approach that will be vital for countering today’s fast-moving threat landscape.

Executing data-driven decisions that deliver true risk reduction

When organisations consume these automation and machine intelligence capabilities via a centralised risk management platform that features standardised, granular risk scoring across their infrastructure, everyone is able to work more  efficiently and cohesively when it comes to managing remediation programs.

As well as being able to more efficiently and confidently orchestrate risk management efforts, security teams will gain a universally trusted language and metrics for communicating overall risk levels to management. Meanwhile, remediation teams are now able to visualise and understand which threats need to be addressed at their own group level and how to fix them. Plus, they are able to see how their efforts will reduce their own team’s  risk exposure.

Prioritisation to prediction

Vulnerability scoring systems have been around for a long time but increasingly executive teams are discovering how these new systems, which combine cloud security, risk-based intelligence and prioritisation reduce the pressure on security and IT teams while boosting their capability to drive down risk. More are making the leap from prioritisation to prediction to gain greater certainty about the probability of a specific exploit impacting their environment. With everyone singing from the same hymn sheet, resources can be appropriately allocated, and vulnerability management efforts focused with pinpoint accuracy on the risks that really matter.

Stephen Roostan

Stephen has over a decade of experience in cyber security and transformation projects, and his role at Kenna is to rapidly grow the EMEA organisation to meet the customer demand for risk-based vulnerability management. Prior to Kenna he held senior sales roles at Forcepoint, Citrix and Imperva, focusing on IT solutions for complex, enterprise requirements.

Is It Time for a VMware Alternative?

Wind River • 22nd May 2025

Companies have options when it comes to replacing VMware as their cloud platform, to address rising costs, support concerns, and a shrinking partner ecosystem. If you are ready to contemplate a different vendor, here are five reasons why Wind River Cloud Platform should be on your short list of VMware alternatives.

AI Leads as VivaTech Unveils Top 100 Startups

Viva Technology • 14th May 2025

Viva Technology has unveiled the first edition of its “Top 100 Rising European Startups for 2025,” spotlighting the most promising young companies shaping Europe’s tech future. Germany, France, and the UK lead the ranking, which highlights high-growth startups across 13 countries. Artificial intelligence dominates the list, with 15 companies spanning AI agents, models, and infrastructure....

Birmingham Unveils the UK’s Best Emerging HealthTech Advances

Kosta Mavroulakis • 03rd April 2025

The National HealthTech Series hosted its latest event in Birmingham this month, showcasing innovative startups driving advanced health technology, including AI-assisted diagnostics, wearable devices and revolutionary educational tools for healthcare professionals. Health stakeholders drawn from the NHS, universities, industry and front-line patient care met with new and emerging businesses to define the future trajectory of...

Why DEIB is Imperative to Tech’s Future

Hadas Almog from AppsFlyer • 17th March 2025

We’ve been seeing Diversity, Equity, Inclusion, and Belonging (DEIB) initiatives being cut time and time again throughout the tech industry. DEIB dedicated roles have been eliminated, employee resource groups have lost funding, and initiatives once considered crucial have been deprioritised in favour of “more immediate business needs.” The justification for these cuts is often the...

The need to eradicate platform dependence

Sue Azari • 10th March 2025

The advertising industry is undergoing a seismic shift. Connected TV (CTV), Retail Media Networks (RMNs), and omnichannel strategies are rapidly redefining how brands engage with consumers. As digital privacy regulations evolve and platform dynamics shift, advertisers must recognise a fundamental truth. You cannot build a sustainable business on borrowed ground. The recent uncertainty surrounding TikTok...