
September 4, 2025

Organisations must transform their threat exposure management practices to stay in control of their cyber security and minimise risk of disruption. This shift is essential to meet the growing volume and velocity of disruptions driven by today’s increasingly volatile threat environment.

Managing an effective cyber security posture is already a problem for many organisations. Limited visibility and context around emerging threats make their prevention difficult. And, according to a recent blog, adversaries aided by AI-enhanced tools will increase the number, and potentially the potency, of cyber-attacks on enterprises. To protect their systems and improve their resilience, organisations must operationalise threat exposure management practices and ensure they are fit for purpose.

The threat mitigation process has always been important

AI is set to streamline business operations, but adversaries will reap similar benefits. New reasoning and agentic AI models will allow even less-skilled hackers to easily research and orchestrate attacks. The results are likely to be more frequent or damaging breaches. Security teams, already racing to find and fix vulnerabilities before they’re exploited, will be stretched even further.

Effective threat exposure management has always been a priority. However, higher operating threat levels mean that organisations must be more diligent in their collection and analysis of the evidence-based intelligence necessary to quickly inform their specific mitigation efforts. Timely, actionable intelligence is critical in maintaining cyber posture and preventing disruption to operations.

Non-compliance is now more important than compliance

Measuring compliance against a cyber security framework is an important performance indicator, but knowing which security controls are not compliant is far more important from a threat exposure perspective. Without visibility and context, vulnerabilities can remain undetected, as unmitigated threats, in your environment. So, in today’s volatile threat environment, effective threat exposure management practices must be dynamic. They must have reliable, data-driven assessments that evidence operational resilience through continuous threat visibility and actionable intelligence.

While AI-assisted vulnerability identification and exploitation will not actually create vulnerabilities, the lack of visibility and context about emerging threats will certainly increase the potential for them to remain undiscovered and open to exploit.

Here’s what’s changed

In some ways, not much. Many of these advances are simply risk management principles applied to threat exposure. Managing security operations in the current threat environment has been too complex and arbitrary for too long. In the absence of evidence-based threat exposure management, sampling and subjective techniques provide little assurance of the accuracy of the information for either security or management teams. Last year alone, more than 40,000 new common vulnerabilities or exposures were added to the threat environment – a 38% increase. And any such rise, AI-assisted or otherwise, will further stretch threat management practices and bring into greater question the levels of operational, financial and reputational risks implied in current compliance reporting.

Why is this important?

All risk management stakeholders need better intelligence to address these challenges. They also require ongoing visibility of emerging threats that could impact their key IT assets. The accurate and ongoing measurement of cyber security control effectiveness levels is critical to fully informing the ongoing success of cyber security prevention strategies. It’s becoming a numbers game. The number of new vulnerabilities continues to rise. Without autonomous threat exposure management, the chances of finding them will only shrink. And without relevant and reliable actionable intelligence, arbitrary compliance information can only sustain sub-optimal cyber security outcomes.

According to another recent blog, organisations are advocating an autonomous platform to integrate threat information with SIEM, vulnerability scanners and other technologies for “real-time, actionable cyber risk insights.” That capability is already well established. Automated data-driven threat exposure management platforms provide continuous, evidence-based telemetry to inform effective threat governance, underpinned by dynamic and actionable threat management and reporting.

Rather than being predictive, the threat exposure management model must include systematic information to support an ongoing and dynamic process: a management loop that identifies and responds to emerging vulnerabilities in order to continuously monitor and improve the effectiveness of controls. Organisations must automate this to achieve it at speed and scale.

In the absence of local evidence-based observations, the ongoing effectiveness of mitigation strategies on current controls and policies is difficult to measure and validate. Similarly, relying on historical risk data, integrated AI, and black box models, without locally measured control effectiveness, undermines confidence. It reduces trust in both the quality and relevance of the threat exposure management process.

The operational priority of effective threat exposure management

Without a locally data-driven autonomous platform, organisations face visibility issues with unreliable threat data that potentially lags the real-time state of threat exposure. Traditional assessments are slow, disruptive and imprecise. Autonomous CTEM platforms are now part of business-as-usual. They provide continuous threat exposure monitoring, prioritisation, and reporting for both internal and external cyber security stakeholders.

In fact, they represent the only way that enterprises can expect to maintain their security posture and meet their growing governance and enterprise resilience obligations [1].

Find out more about Autonomous Threat Exposure Management platforms. Huntsman’s Auditor, SmartCheck and Scorecard solutions play a role in dynamic cyber security risk management and enterprise resilience.

Contact us today.


[1] Hype Cycle for Security Operations – 2025, Gartner Inc, June 23rd 2025
