- Cybersecurity leaders emphasized the importance of Continuous Threat Exposure Management (CTEM) in reducing breach risks.
- Effective CTEM starts with detailed asset inventory and identity management to close common security gaps.
- Security teams recommended frequent testing—weekly for internal assets and daily for external-facing ones.
- Success in CTEM is measured by closing exploited attack paths, not just patching vulnerabilities.
- Clear reporting is required, focusing on risk rather than technical metrics, especially for regulatory compliance and board discussions.
Cybersecurity professionals discussed new approaches to Continuous Threat Exposure Management (CTEM) at the Xposure Summit 2025, focusing on defending complex production environments. Leaders from companies such as IDB Bank, Avidity Biosciences, and Wyndham Hotels and Resorts addressed how operationalizing CTEM can help organizations reduce the risk of breaches.
According to research referenced at the event, organizations that put CTEM programs into practice could be three times less likely to experience a security breach by 2026. Experts on the panel stressed, however, that these benefits depend on actually operationalizing CTEM strategies rather than treating them as theoretical solutions.
Panelists highlighted specific steps to make CTEM effective. They recommended starting with asset inventory and identity management, focusing on weak service accounts, over-permissioned users, and outdated logins. They advised weekly checks for internal systems and daily validation for public-facing assets. As Michael Francess from Wyndham Hotels and Resorts noted, "You need to understand your adversaries, simulate their TTPs, and test your defenses against real-world scenarios, not just patching CVEs." This approach shifts the focus from only fixing known vulnerabilities to actively checking whether security controls stop real threats.
In regulated industries such as banking, organizations must answer detailed questions from regulators about their exposure and risk remediation timelines. Alex Delay from IDB Bank said, "You will get challenged on your exposure, your remediation timelines, and your risk treatment. And that’s a good thing. It forces clarity and accountability." Panelists also agreed that boards increasingly want to discuss risk directly, rather than technical scores or vulnerability counts.
For measuring progress, Ben Mead of Avidity Biosciences explained that his team tracks closed attack paths instead of counting vulnerabilities. He shared that exposing and remediating attack paths, such as over-permissioned accounts and forgotten assets, made real risks clearer to senior leaders.
Further details from the discussion and the full conversation can be found on the Apple.com/us/podcast/ctem-buzzword-or-reality/id1820920546?i=1000713085733″ rel=”noopener”>Apple Podcast and Spotify platforms.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
