Why do organizations struggle to follow their risk tolerance frameworks?

According to Ivanti research, nearly half of security professionals cannot access the right data to measure and manage risk. This lack of visibility prevents security teams from understanding whether their efforts align with their organization's defined risk tolerance.

How can organizations better align security metrics with business objectives?

Organizations should assign financial values to assets to calculate risk in monetary terms, use consistent risk scoring schemas across their assessment frameworks, and aggregate data for a comprehensive view of the attack surface to develop realistic, business-aligned metrics.

Defining and Measuring Risk Tolerance for Security Teams

Name: Defining and Measuring Risk Tolerance for Security Teams
Uploaded: 2026-04-02T20:40:44-04:00
Duration: 1 min 6 s
Description: TL;DR Nearly half of security professionals lack access to the data needed to effectively measure and manage risk exposure within their organizations. Building a complete inventory of the attack surface is the foundational step for aligning security ef...

Ivanti

04/02/2026

0 (0%)

Report Like Favorite

TL;DR

Nearly half of security professionals lack access to the data needed to effectively measure and manage risk exposure within their organizations.
Building a complete inventory of the attack surface is the foundational step for aligning security efforts with risk tolerance frameworks.
Assigning financial values to assets enables organizations to calculate and communicate risk in monetary terms that resonate with business leadership.

Summary

Ivanti's Field CISO Mike Riemer addresses a critical gap in enterprise security: while most organizations have risk tolerance frameworks in place, many struggle to actually follow them due to data visibility challenges. Drawing on Ivanti research, Riemer reveals that nearly half of security professionals cannot access the data needed to measure and manage risk effectively. He outlines three actionable steps to bridge this gap: building a complete attack surface inventory, assigning financial values to assets for monetary risk calculation, and aligning risk scoring schemas across assessment frameworks. The guidance emphasizes that comprehensive data aggregation is essential for developing realistic metrics that connect security efforts to organizational risk appetite and business objectives. This approach to risk exposure management helps security teams demonstrate alignment between their operational activities and the broader risk tolerance framework their organization has established.

Chapters

0:00 - The Risk Measurement Challenge
0:23 - Steps to Improve Risk Alignment
0:49 - Aggregating Data for Better Metrics

Key Quotes

0:08 "Nearly half say they cannot access the right data to measure and manage risk."
0:12 "This lack of visibility seriously compromises security teams' ability to effectively understand if their efforts are aligning with their organization's risk tolerance framework."
0:34 "Assigning financial values to assets to calculate risk in monetary terms wherever possible."

Categories:

» Webinar Library » Ivanti
» Data Protection

Tags:

Show more Show less

Browse videos

Upcoming Webinar Calendar

05/19/2026

01:00 PM

05/19/2026

How to Build an AI Governance Foundation for GenAI - Before, Duration and After Deployment

https://www.truthinit.com/index.php/channel/1936/how-to-build-an-ai-governance-foundation-for-genai-before-duration-and-after-deployment/
05/20/2026

08:00 AM

05/20/2026

Establishing a Robust AI Governance Framework for GenAI Throughout the Deployment Lifecycle

https://www.truthinit.com/index.php/channel/1937/establishing-a-robust-ai-governance-framework-for-genai-throughout-the-deployment-lifecycle/
05/20/2026

10:00 PM

05/20/2026

Establishing a Robust AI Governance Framework for GenAI Throughout Its Lifecycle

https://www.truthinit.com/index.php/channel/1953/establishing-a-robust-ai-governance-framework-for-genai-throughout-its-lifecycle/
05/21/2026

11:00 AM

05/21/2026

Risk in Real Time Demo Series: The Autonomous Era - Orchestrating a Resilient Enterprise

https://www.truthinit.com/index.php/channel/1372/risk-in-real-time-demo-series-the-autonomous-era-orchestrating-a-resilient-enterprise/
05/27/2026

04:00 AM

05/27/2026

Rivoluziona i rischi dell'AI in opportunità con Netskope AI Security

https://www.truthinit.com/index.php/channel/1925/rivoluziona-i-rischi-dellai-in-opportunità-con-netskope-ai-security/
05/27/2026

10:00 AM

05/27/2026

Adopting AI: From Illusion to Intentional Control

https://www.truthinit.com/index.php/channel/1924/harnessing-ai-transitioning-from-illusion-to-purposeful-mastery/
05/28/2026

01:00 PM

05/28/2026

Harnessing AI for Smaller Teams: Strategies for Secure Implementation

https://www.truthinit.com/index.php/channel/1951/harnessing-ai-for-smaller-teams-strategies-for-secure-implementation/
06/02/2026

01:00 PM

06/02/2026

Spring of Satori: Delving into Recent Findings and 2026's Threat Landscape

https://www.truthinit.com/index.php/channel/1930/spring-of-satori-delving-into-recent-findings-and-2026s-threat-landscape/
06/16/2026

07:00 AM

06/16/2026

Establishing Clear Priorities: Addressing Data Risks Effectively

https://www.truthinit.com/index.php/channel/1952/establishing-clear-priorities-addressing-data-risks-effectively/