Steve Yurich, CISO at Penn National Insurance, has run cybersecurity programs for government and private entities. He is a Certified Information Systems Security Professional, or CISSP, and is Certified in Risk and Information Systems Control, or CRISC. In a video interview with Information Security Media Group, he discusses his organization’s vulnerability management process. He also discusses why vulnerability management is far more than a one-time process; top recommendations for establishing an effective vulnerability management program;. Why vulnerability management must be more frequent and more frequent.”]
Source: https://www.databreachtoday.com/vulnerability-management-essential-components-a-16506