[Gartner SRM Summit 2025] Minimizing Threat Exposure through Security Management Optimization with CTEM and ASCA
- Kenneth Nam

The Racecar Illusion: Focus on Reliable Fundamentals, Not the Flashiest Gear
Chris Silva, VP Analyst at Gartner, likened our obsession with complex security solutions to buying a race car without knowing how to use a stick shift. What organizations truly need isn’t the most expensive technology, but rock-solid basics they can count on. After all, 61% of security leaders report experiencing a breach in the last year due to flawed security management.
High-Profile Breaches Caused by Poor Security Hygiene
WannaCry & NotPetya leveraged SMB v1 and unpatched operating systems, so-called “open windows”, to infect 300,000 machines and inflict over $10 billion in damage.
Midnight Blizzard (Nobelium) exploited disabled MFA and excessive IAM privileges to hijack executive email accounts.
The key lesson is that even a single well-established defensive layer could have prevented the cascading damage.

The 4 Structural Causes of Security Management Failures
| Cause | Core Issue |
| --- | --- |
| Tool Fragmentation | Security architecture is divided into dozens of categories, each pointing fingers at the others like the Spiderman meme |
| Compliance ≠ Security | Organizations only verify that agents are installed, without measuring actual protection effectiveness |
| Uniform Configurations | One-size-fits-all policies ignore business context and user experience, clashing with real-world needs |
| Accelerating Cyber Threats | Attackers rapidly advance using automation and generative AI, while defenders remain stuck in manual responses |

Security Management Optimization Action Plan
Set Business-Outcome Goals Rather Than Technical Metrics
Define objectives like “Ensure our sales teams can present securely from anywhere in the world,” not just “deploy tool X.”
Shift from Compliance to Effectiveness
Move beyond ticking boxes. Measure how well your controls actually stop real threats - covering attack technique coverage, misconfiguration detection and remediation, and threat-detection fidelity.
Embed Continuous Execution
Integrate your security program with CTEM (Continuous Threat Exposure Management) to drive an ongoing, structured improvement cycle.
Automate Control Assessment with ASCA
| Function | Description | Expected Outcome |
| --- | --- | --- |
| Data Integration | Consolidates logs, asset data, and simulation results from multiple solutions into actionable workflows | Automated prioritization |
| Workflow Execution | Instantly remediates unpatched vulnerabilities and over-privileged accounts | Reduced MTTR |
| ASCA Vendor | Provides a purpose-built solution with native XDR and CNAPP integration | Accelerated platform adoption |

Merging CTEM and ASCA for a Self-Reinforcing Optimization Loop
Link the exposure metrics ASCA provides into each CTEM phase - scope, discovery, prioritization, validation, action - to create a perpetual optimization feedback loop. Share these KPIs across infrastructure, security operations, risk and business teams to cement the mindset that “Security is a growth-engine driver for the business.”
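To make the "compliance ≠ effectiveness" point and the Measure → Prioritize → Automate loop concrete, here is a small worked example. It is added for this write-up and is not code from Gartner, PAGO Networks or any ASCA vendor. The asset inventory, the validation results, the 1–5 criticality and exploitability scales, and the `criticality × exploitability` scoring are all constructed assumptions; the exposures themselves (SMB v1, unpatched OS, MFA disabled, excessive IAM privileges) are the ones the talk cites. The script computes the checkbox metric (agent installed) next to an effectiveness metric (control validated to block), ranks open exposures for the CTEM prioritization phase, and emits owner-tagged actions for the ASCA workflow step.

```python
"""Toy CTEM/ASCA loop: measure control effectiveness rather than mere
compliance, prioritize open exposures, and plan remediation actions.

Everything below (assets, scores, weights, validation outcomes) is constructed
for illustration; the scoring formula is an assumption, not a vendor formula.
"""
from dataclasses import dataclass, field


@dataclass
class Asset:
    name: str
    criticality: int                 # 1 (low) .. 5 (crown jewel); assumed scale
    agent_installed: bool            # the "compliance" checkbox
    findings: list = field(default_factory=list)   # exposure ids present


# Exposure catalogue: the hygiene failures the talk cites, with an assumed
# exploitability weight (1..5) and the control team expected to close them.
EXPOSURES = {
    "smbv1_enabled":      {"exploitability": 5, "control": "patch_mgmt"},
    "unpatched_os":       {"exploitability": 5, "control": "patch_mgmt"},
    "mfa_disabled":       {"exploitability": 4, "control": "identity"},
    "excessive_iam_priv": {"exploitability": 3, "control": "identity"},
}

# Constructed inventory (the "scope" and "discovery" phases already done).
ASSETS = [
    Asset("exec-mailbox", 5, True, ["mfa_disabled", "excessive_iam_priv"]),
    Asset("file-server-01", 4, True, ["smbv1_enabled", "unpatched_os"]),
    Asset("kiosk-07", 1, True, ["unpatched_os"]),
    Asset("dev-laptop-12", 2, False, ["mfa_disabled"]),
]

# Constructed validation results: did a simulated technique against this
# (asset, exposure) pair actually get blocked? A missing key means the
# control was never validated, which we treat as "not shown to work".
VALIDATIONS = {
    ("file-server-01", "unpatched_os"): True,
    ("kiosk-07", "unpatched_os"): False,
    ("exec-mailbox", "mfa_disabled"): False,
}


def compliance_rate(assets):
    """What a checkbox audit reports: share of assets with the agent present."""
    return sum(a.agent_installed for a in assets) / len(assets)


def effectiveness_rate(assets, validations):
    """Share of (asset, finding) pairs where a control was validated to block."""
    pairs = [(a.name, f) for a in assets for f in a.findings]
    blocked = sum(validations.get(p, False) for p in pairs)
    return blocked / len(pairs)


def exposure_score(asset, finding, validations):
    """criticality * exploitability, zeroed once validation shows it is blocked."""
    if validations.get((asset.name, finding), False):
        return 0
    return asset.criticality * EXPOSURES[finding]["exploitability"]


def prioritize(assets, validations):
    """CTEM prioritization: open exposures, highest score first (stable tie-break)."""
    ranked = [(exposure_score(a, f, validations), a.name, f)
              for a in assets for f in a.findings]
    ranked = [r for r in ranked if r[0] > 0]
    return sorted(ranked, key=lambda r: (-r[0], r[1], r[2]))


def plan_actions(ranked, top_n=3):
    """ASCA-style workflow output: the owning control team for each top item."""
    return [{"asset": name, "finding": f,
             "owner": EXPOSURES[f]["control"], "score": score}
            for score, name, f in ranked[:top_n]]


def run_cycle(assets, validations):
    """One pass of the loop; the KPIs are what gets shared across teams."""
    ranked = prioritize(assets, validations)
    return {
        "compliance_rate": round(compliance_rate(assets), 2),
        "effectiveness_rate": round(effectiveness_rate(assets, validations), 2),
        "open_exposures": len(ranked),
        "actions": plan_actions(ranked),
    }


if __name__ == "__main__":
    for k, v in run_cycle(ASSETS, VALIDATIONS).items():
        print(f"{k}: {v}")
```

With the constructed data the checkbox metric reports 75% of assets covered while only one of six exposures has a control validated to stop it, which is exactly the gap between "agent installed" and "protection proven". Re-running the cycle after remediation, with new validation results, shrinks the ranked list and moves the effectiveness KPI; that delta is the feedback the loop is meant to surface.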

Back to Basics: Real-World Security Optimization with ASCA + CTEM
Silva’s advice is clear: “Don’t buy the most expensive racecar. Learn to drive the one you already own.”
Collecting shiny new tools without mastering your fundamentals actually increases exposure.
Pairing ASCA and CTEM builds a data-driven cycle of Measure → Prioritize → Automate.
Explaining security in business terms naturally unlocks investment.
Author – Kenneth Nam, Threat Analyst | PAGO Networks