Building a Vulnerability Management Program that Actually Works - A View from the Trenches with LifeLabs

March 26, 2024
Vulnerability management (VM) is critical for reducing risk in an organization, but the reality is, few companies call their VM program a success. Why is it so hard to get effective results? LifeLabs has been on the same journey. Learn how the security team overhauled its entire program, leveraging many inputs to determine risk and automating much of the process.

This event was originally held on March 26, 2024
and is now available for on demand viewing.
Sponsor: Avalor
Duration:
 1 Hour

Register Today!

Already registered? Please click here to log in!

Summary

Vulnerability management (VM) is critical for reducing risk in an organization, but the reality is, few companies call their VM program a success. Why is it so hard to get effective results?

Most VM programs are stuck focused on CVEs, but understanding risk takes a much wider lens. And so much work is manual -- teams are stuck in spreadsheets trying to correlate risk factors and mitigating controls.

LifeLabs has been on the same journey. The company wanted to get past using CVSS scores to prioritize which vulnerabilities to fix. The security team has overhauled its entire program, leveraging many inputs to determine risk and automating much of the process.

Join LifeLabs CISO Mike Melo to learn:

  • How to get a comprehensive view of CVEs and other "vulnerabilities" today
  • Ways to add business context like crown jewels and mitigating controls to the mix
  • Methods for getting the right info to the right teams for fixes to happen
  • Why traditional VM metrics are useless to execs and how to make them useful


Speakers

Michelle McLean
VP of Marketing
Avalor

Michelle is the Vice President of Marketing at Avalor, overseeing all of the company’s marketing strategy and initiatives. She has over 20 years of experience in market positioning, GTM, and demand generation. Prior to Avalor, she was VP of Marketing at Salt and StackRox, two successful cyber companies where she initiated all outbound marketing activities, built the marketing team, and generated more than 65 percent of all pipeline activity. Before that, she was VP of Marketing at ScaleArc and previously held director of product marketing positions at Silver Spring Networks, ConSentry Networks, Peribit Networks, and Trapeze Networks. She previously served as program director at the research firm META Group, providing technology and strategy direction to global 2000 enterprise clients. She started her career as a technology journalist. Michelle earned her BA in English from the University of California at Berkeley.

Mike Melo
CISO
LifeLabs

Mike Melo is an experienced cybersecurity leader, technology advisor, and the current CISO of LifeLabs Medical Laboratory Services. He has over a decade of experience in post-breach transformational security and information security management. Mike enjoys mentoring CISOs, CIOs, and senior executives further to develop the alignment of security programs and business outcomes. He is part of the Toronto Evanta CISO governing body and a distinguished speaker at various security industry meetups and conferences. Mike earned his MBA from the Smith School of Business at Queen's University and an undergraduate degree from Sheridan College.

John Dobberstein
Managing Editor
SecurityInfoWatch Security Media

Sponsored By