Jon Oltsik: Shifting Left and Threat Informed Defense
Security researcher and analyst Jon Oltsik talks about the importance of shifting lift and employing threat informed defense in this short clip.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Jon Oltsik: Vulnerability Management is a Business Issue
Industry researcher and analyst Jon Oltsik explains why vulnerability management should be considered a business issue and stop being viewed as a technical issue.
An Industry Analyst's Take on Nucleus 3.0
In this episode of Nucleus Conversations, industry analyst and researcher Jon Oltsik unpacks the current state of exposure management, why so many organizations still struggle to manage cyber risk at scale, and the impact the recent Nucleus 3.0 releases will have for customers.
Looking Ahead to 2026: Why Cyber Economics Will Redefine the CISO's Mandate
Cybersecurity in 2026 will be driven by economics. Not hype. Not novelty. Economics. Attackers follow financial incentives and scale their operations faster than most enterprises can defend. CISOs must shift from reporting technical metrics to explaining business impact, guide safe AI adoption as Shadow AI grows, and design programs that emphasize resilience over perfection.
Kenna Lit the Spark on the Exposure Management Fire and It's Time for the Next Generation
When Kenna launched more than a decade ago, it reshaped an industry that had grown numb to vulnerability overload. Back then, vulnerability management meant looking at mountains of CSV files, scanner reports, and a never-ending backlog of unprioritized issues. Kenna introduced the idea that risk instead of raw counts should determine what gets fixed first. For many security teams, it was the first time they realized they didn’t have a vulnerability problem.
What's Next in Cyber Economics: 2026 Security Strategies from Industry Leaders
Security leaders are bracing for a pivotal shift in 2026. Attacker economics are evolving, extortion models are changing shape, and organizations are rethinking how they allocate resources to defend against more scalable and financially motivated threats. In this on-demand webinar, four industry experts break down the forces reshaping cybersecurity strategy and offer practical guidance for leaders preparing for the next wave of challenges.
Automating SLAs in Risk-Based Vulnerability Management: Turning Deadlines into Results
Many organizations set remediation SLAs, but static severity-based timelines and manual tracking prevent them from meeting those deadlines in a way that meaningfully reduces risk. This article outlines how automated, risk-based SLAs connect timelines to real exploitability, exposure, and asset value, turning deadlines into reliable, measurable outcomes. Key takeaways from this article.