12 Jul, 2019E27.CO
Risk management begins with understanding your assets—where and how valuable they are. A vulnerability in an access database used by 20 employees is not as important as a vulnerability found in your publicly exposed API.
Any risk found goes through a cost/benefit analysis. The possible exposure is compared to the cost to mitigate the risk. If a realised risk will cost you $10,000 but it’ll cost $50,000 to fix, then it is a low priority. It simply doesn’t make sense to fix it right away....
This article can only be viewed by registered members. Please log in to view it.