Sean Keefef: Hackers have flipped the script on security teams by exploiting their focus on high-severity vulnerabilities. Keef: Traditional remediation practices tackle only critical- and high-risk vulnerabilities. Security teams focusing on severity will chase the top 25% to 30% of threats identified by profiles, he says. Instead, enterprises should measure risk by aggregating severity, asset importance, exposure, and exploitability, then wipe out the top perfect-storm threats, he writes.”]