While cybersecurity spending is estimated to hit $200 billion this year, why are many organizations still struggling? A recent article published by Fast Company argues that reason may be that organizations are reacting to noise instead of real risks.

More than 20,000 new CVEs have been reported this year, and as we ourselves reported recently AI powered tools have enabled a “data surge” of potential vulnerabilities that will likely require a multifaceted approach to conquer.

In addition to leveraging AI tools themselves to simulate potential attacks, the article suggests several additional approaches including validating controls regularly post-deployment to avoid configuration drift, prioritizing business-critical assets over low-priority systems and considering the overall security risk reduction over metrics such as the number of patches applied.

No budget can scale indefinitely along with the threat landscape, which seems to be growing exponentially.  But by improving how we identify and prioritize exposures, along with leveraging both human and computer intelligence, we can stay ahead of the game.