Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

Defining and Measuring Risk Tolerance for Security Teams

Ivanti
04/02/2026
0 (0%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


managing risk exposure. Nearly half say they cannot access the right data to measure and manage risk. This lack of visibility seriously compromises security teams' ability to effectively understand if their efforts are aligning with their organization's risk tolerance framework. Some specific steps to help organizations better follow their risk tolerance framework include getting as complete an inventory of the attack surface as possible, assigning financial values to assets to calculate risk in monetary terms wherever possible, and if using a risk score to describe risk posture, define the risk thresholds in the risk assessment framework using the same scoring schema. By aggregating data to ensure a comprehensive view of the organization's attack surface, risk exposure management can help develop realistic metrics that align with the organization's risk appetite and business objectives.

TL;DR

  • Nearly half of security professionals lack access to the data needed to effectively measure and manage risk exposure within their organizations.
  • Building a complete inventory of the attack surface is the foundational step for aligning security efforts with risk tolerance frameworks.
  • Assigning financial values to assets enables organizations to calculate and communicate risk in monetary terms that resonate with business leadership.

Summary

Ivanti's Field CISO Mike Riemer addresses a critical gap in enterprise security: while most organizations have risk tolerance frameworks in place, many struggle to actually follow them due to data visibility challenges. Drawing on Ivanti research, Riemer reveals that nearly half of security professionals cannot access the data needed to measure and manage risk effectively. He outlines three actionable steps to bridge this gap: building a complete attack surface inventory, assigning financial values to assets for monetary risk calculation, and aligning risk scoring schemas across assessment frameworks. The guidance emphasizes that comprehensive data aggregation is essential for developing realistic metrics that connect security efforts to organizational risk appetite and business objectives. This approach to risk exposure management helps security teams demonstrate alignment between their operational activities and the broader risk tolerance framework their organization has established.

Chapters

0:00 - The Risk Measurement Challenge
0:23 - Steps to Improve Risk Alignment
0:49 - Aggregating Data for Better Metrics

Key Quotes

0:08 "Nearly half say they cannot access the right data to measure and manage risk."
0:12 "This lack of visibility seriously compromises security teams' ability to effectively understand if their efforts are aligning with their organization's risk tolerance framework."
0:34 "Assigning financial values to assets to calculate risk in monetary terms wherever possible."

Categories:
  • » Webinar Library » Ivanti
  • » Data Protection
Channels:
News:
Events:
Tags:
  • Compliance & Governance
  • Security Operations
  • Vulnerability Management
  • Executive Briefing
  • Risk tolerance frameworks
  • Risk exposure management
  • Attack surface management
  • Security metrics
  • Risk quantification
  • Data visibility
  • Risk assessment
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: Defining and Measuring Risk Tolerance for Security Teams

              Upcoming Webinar Calendar

              • 07/02/2026
                10:00 AM
                07/02/2026
                Building Resilience: Insights from Hybrid Threats Amid Cloud Challenges
                https://www.truthinit.com/index.php/channel/2011/building-resilience-insights-from-hybrid-threats-amid-cloud-challenges/
              • 07/09/2026
                01:00 PM
                07/09/2026
                The HUMAN Experience: Empowering Agentic Trust in Practice
                https://www.truthinit.com/index.php/channel/2026/the-human-experience-empowering-agentic-trust-in-practice/
              • 07/14/2026
                01:00 PM
                07/14/2026
                Crafting an Elite Security Team to Achieve Championship-Level Defense
                https://www.truthinit.com/index.php/channel/2025/crafting-an-elite-security-team-to-achieve-championship-level-defense/
              • 07/14/2026
                02:00 PM
                07/14/2026
                Understanding the Crucial Role of Context in AI Data
                https://www.truthinit.com/index.php/channel/2037/understanding-the-crucial-role-of-context-in-ai-data/
              • 07/21/2026
                04:00 AM
                07/21/2026
                Strategies for Managing AI Governance and Securing App-to-LLM API Traffic
                https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
              • 07/21/2026
                01:00 PM
                07/21/2026
                HUMAN Dialogue: Insights from Attackers During the FIFA World Cup
                https://www.truthinit.com/index.php/channel/2029/human-dialogue-insights-from-attackers-during-the-fifa-world-cup/
              • 07/22/2026
                06:30 AM
                07/22/2026
                Insights and Strategies for Mastering the DPDP Framework
                https://www.truthinit.com/index.php/channel/2000/insights-and-strategies-for-mastering-the-dpdp-framework/
              • 07/28/2026
                01:00 PM
                07/28/2026
                Illumio + Netskope: Zero Trust in the Age of AI Autonomy
                https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
              • 07/29/2026
                04:00 AM
                07/29/2026
                Real-Time Strategies for Safeguarding Against Prompt Injections
                https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
              • 08/19/2026
                12:00 PM
                08/19/2026
                Becoming Agent Ready: Insights from Cyera's Expertise
                https://www.truthinit.com/index.php/channel/2036/becoming-agent-ready-insights-from-cyeras-expertise/
              • 09/30/2026
                04:00 AM
                09/30/2026
                AI Command Center: Optimizing Visibility and Control in Your Operations
                https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/

              Upcoming Events

              • Jul
                02

                Building Resilience: Insights from Hybrid Threats Amid Cloud Challenges

                07/02/202610:00 AM ET
                • Jul
                  09

                  The HUMAN Experience: Empowering Agentic Trust in Practice

                  07/09/202601:00 PM ET
                  • Jul
                    14

                    Crafting an Elite Security Team to Achieve Championship-Level Defense

                    07/14/202601:00 PM ET
                    • Jul
                      14

                      Understanding the Crucial Role of Context in AI Data

                      07/14/202602:00 PM ET
                      • Jul
                        21

                        Strategies for Managing AI Governance and Securing App-to-LLM API Traffic

                        07/21/202604:00 AM ET
                        More events
                        Truth in IT
                        • Sponsor
                        • About Us
                        • Terms of Service
                        • Privacy Policy
                        • Contact Us
                        • Preference Management
                        Desktop version
                        Standard version