In this CIO Edge keynote presentation, Melissa Bischoping, Sr. Director of Security & Product Design Research at Tanium, highlights how faster, more complex threats demand a new approach to vulnerability management.

Melissa presents a stark view of the evolving cyber security landscape, emphasising the speed and sophistication of modern threats.

She notes that attacker dwell time (the period during which an intruder remains undetected) has dropped to just 1–2 days, while 81% of attacks exploit existing credentials rather than traditional malware, making detection far more challenging.

Vulnerabilities continue to proliferate, with over 40,000 identified in 2024 and 574 already known to be exploited in 2025, on course to surpass 2024’s total of 881.

AI-enabled attacks, including remote code execution via AI models, increase complexity, while new Australian regulations on ransomware and personal data breaches add further operational and financial risk.

Melissa critiques traditional vulnerability management approaches as high-volume, low-impact processes that overburden IT teams without reducing risk.

She argues that scanning and cataloguing tens of thousands of vulnerabilities is unsustainable, as humans are the most costly resource.

Instead, organisations must prioritise high-touch vulnerabilities (those actively exploited or carrying significant business risk) so that critical analysis guides where teams focus their efforts.

Without this targeted approach, IT teams remain trapped in a cycle of “shovelling spreadsheets”, with limited tangible reduction in exposure or improvement in efficiency.

To address these challenges, Melissa advocates autonomous workflows and endpoint management, predicting that by 2027 automation will cut human effort by 40% in IT teams.

Already, 50% of organisations planned to implement autonomous endpoint management in 2023, with adoption expected to exceed 90% soon.

She introduces the “vulnerability reduction funnel” to separate routine, automation-friendly patches from high-touch issues, and promotes continuous threat exposure management (CTEM)—a five-step, iterative process of scoping, discovery, prioritisation, validation, and mobilisation.

By combining AI-driven automation with data-informed decision-making, organisations can focus human expertise on critical vulnerabilities, reduce attack surfaces, and achieve measurable progress in resilience and operational efficiency.
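The vulnerability reduction funnel and the CTEM prioritisation step described above can be made concrete with a small triage routine. The code below is an added example written for this summary; it is not Tanium's code and not from the keynote. It assumes scanner findings carry a CVSS base score, a known-exploited flag (as a catalogue such as CISA KEV would provide), an internet-exposure flag, an asset tier and whether an unattended vendor patch exists; the scoring weights and the routing thresholds are illustrative choices, and the CVE identifiers are constructed placeholders.

```python
"""Vulnerability reduction funnel: split a scanner's finding list into
automation-friendly patches, high-touch items needing human analysis, and
low-risk items to defer. Added example; weights and thresholds are assumptions."""
from dataclasses import dataclass
from enum import Enum


class Lane(Enum):
    HIGH_TOUCH = "high-touch"  # human analysis, change control, possible mitigation work
    AUTO_PATCH = "auto-patch"  # routine, safe to hand to autonomous endpoint management
    DEFER = "defer"            # low risk, batch into the next maintenance window


@dataclass(frozen=True)
class Finding:
    cve: str               # identifier as reported by the scanner (placeholder here)
    cvss: float            # CVSS base score, 0-10
    known_exploited: bool  # present in a known-exploited catalogue (KEV-style flag)
    internet_facing: bool  # reachable from outside the network
    asset_tier: int        # 1 = crown-jewel system, 3 = low-value system
    vendor_patch: bool     # an unattended-deployable vendor fix exists


def risk_score(f: Finding) -> float:
    """Illustrative additive score: active exploitation dominates, then exposure
    and asset value. Used only to order work inside each lane."""
    score = f.cvss
    if f.known_exploited:
        score += 10.0           # exploited in the wild outranks any CVSS nuance
    if f.internet_facing:
        score += 3.0
    score += (4 - f.asset_tier) * 1.5  # tier 1 -> +4.5, tier 2 -> +3.0, tier 3 -> +1.5
    return round(score, 1)


def route(f: Finding) -> Lane:
    """The funnel: decide which lane a finding belongs in."""
    needs_human = (
        f.known_exploited                                     # actively exploited
        or (f.cvss >= 9.0 and f.internet_facing)              # critical and exposed
        or (f.asset_tier == 1 and f.cvss >= 7.0 and not f.vendor_patch)  # crown jewel, no fix
    )
    if needs_human:
        return Lane.HIGH_TOUCH
    if f.vendor_patch:
        return Lane.AUTO_PATCH  # routine patch: let automation take it
    return Lane.DEFER           # no fix yet and low risk: track, revisit next cycle


def funnel(findings: list[Finding]) -> dict[Lane, list[Finding]]:
    """Group findings by lane, most urgent first within each lane."""
    lanes: dict[Lane, list[Finding]] = {lane: [] for lane in Lane}
    for f in findings:
        lanes[route(f)].append(f)
    for items in lanes.values():
        items.sort(key=risk_score, reverse=True)
    return lanes


def lane_counts(findings: list[Finding]) -> dict[str, int]:
    """Headline numbers for the mobilisation step: how much work lands on humans."""
    return {lane.value: len(items) for lane, items in funnel(findings).items()}


# Constructed sample scanner output; CVE ids are placeholders, not real vulnerabilities.
SAMPLE_FINDINGS = [
    Finding("CVE-0000-0001", 9.8, True,  True,  1, True),
    Finding("CVE-0000-0002", 7.5, False, False, 2, True),
    Finding("CVE-0000-0003", 5.3, False, False, 3, False),
    Finding("CVE-0000-0004", 9.1, False, True,  2, True),
    Finding("CVE-0000-0005", 4.0, True,  False, 3, True),
    Finding("CVE-0000-0006", 7.2, False, False, 1, False),
    Finding("CVE-0000-0007", 6.5, False, False, 3, True),
    Finding("CVE-0000-0008", 8.8, False, True,  2, True),
]

if __name__ == "__main__":
    for lane, items in funnel(SAMPLE_FINDINGS).items():
        print(f"{lane.value}:")
        for f in items:
            print(f"  {f.cve}  score={risk_score(f):5.1f}  cvss={f.cvss}")
    print(lane_counts(SAMPLE_FINDINGS))
```

Note that a low-CVSS finding (CVE-0000-0005, score 4.0) still lands in the high-touch lane because it is flagged as known-exploited, while a near-critical internet-facing one (CVE-0000-0008, score 8.8) with a vendor patch goes to automation: the funnel is driven by exploitation evidence and business context, not by raw CVSS volume.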


Key takeaways:

  • Modern cyber threats are faster and more sophisticated: attacker dwell time is now 1–2 days, 81% of attacks exploit existing credentials, and over 574 vulnerabilities are already known to be exploited in 2025, all of which highlight the need for proactive risk management.
  • Traditional vulnerability management is inefficient: Organisations must prioritise high-touch, high-risk vulnerabilities to make the best use of human expertise and avoid overburdening IT teams with low-impact tasks.
  • Autonomous workflows and continuous threat exposure management (CTEM), combined with frameworks like Australia’s Essential Eight, enable automation of routine tasks, focus human effort on critical vulnerabilities, and reduce organisational exposure while improving operational efficiency.

Contributors

Melissa Bischoping, Senior Director of Security and Product Design Research at Tanium

Melissa Bischoping is a passionate security evangelist whose academic and professional background in human psychology and technology aligns to educate, advocate, and remediate the difficult security problems faced by businesses and individuals.

She currently works as an Endpoint Security Research Specialist at Tanium where she analyzes emerging threats, zero-days, and CVEs to provide subject matter expertise for internal and external customers. Prior to Tanium, she held positions in operations and security across the hospitality, casino gaming, and industrial/manufacturing industries.
