While vulnerability management is an essential part of good cyber hygiene, it isn’t the only defense necessary against threat actors. Even if organizations could keep all their systems patched, exploited vulnerabilities are only responsible for 38% of initial access, which means other infection vectors such as phishing, website compromise, or other common methods represent higher levels of residual risk.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2025/04/bringing-rigor-to-ctem-with-threat-informed-defense/
