The speed at which attackers exploit vulnerabilities has turned cybersecurity into a race against the clock. With over 21,000 CVEs reported in just the first half of 2025 — an average of 133 new flaws each day — organizations face an unprecedented challenge: reducing the window between detection and remediation to avoid million-dollar losses. It is no longer enough to identify vulnerabilities; the new paradigm demands contextualizing them and acting with intelligence, automation, and total visibility of the attack surface.

The End of Periodic Scans

Traditional periodic scanning models have become obsolete. As Iratxe Vázquez, Senior Product Marketing Manager for Cybersecurity at WatchGuard Technologies, points out, “a periodic scan offers a static snapshot of an environment that is constantly changing.” Between two assessments, new cloud services, unmanaged devices, or privilege changes can appear that completely alter the risk profile. The reality is that attackers automate reconnaissance and exploitation, drastically reducing reaction time. Therefore, the key indicator is no longer how many vulnerabilities are identified, but how long a critical exposure remains unpatched.

AI and Deepfakes: The New Frontier of Threats

Artificial intelligence not only accelerates flaw detection but also powers attacks. Álvaro del Hoyo, Technology Strategist for Southern Europe at CrowdStrike, warns that deepfakes have evolved Business Email Compromise (BEC) into identity impersonation via video or audio. These attacks, when successful, cause devastating impact. AI is used both to prepare infrastructures and to launch social engineering campaigns, forcing companies to bolster their defenses with defensive AI and continuous monitoring.

Prioritize by Real Risk, Not CVSS

The great challenge is not the lack of alerts, but data saturation. Doris Seedorf, CEO of Sofftek for Spain, insists that prioritization must be based on financial and operational impact, not isolated technical metrics. Iratxe Vázquez adds that the CVSS score does not reflect real risk: it is necessary to combine severity, exploitability probability, exposure level, and business impact. Sources like the CISA catalog or the EPSS model help, but they must be integrated with each organization's internal context.

Automation with Governance

Automation is key for real-time management, but it cannot be blind. Vázquez proposes a clear control framework: approval policies, maintenance windows, pilot groups, and rollback mechanisms. Seedorf goes further, envisioning an “ExperimentOS” where autonomous systems operate under strict traceability rules. Automation can activate temporary measures like asset isolation when no patch is available, without losing operational control.

Visibility Beyond Inventory

“You cannot protect what you cannot see,” Vázquez reminds. But lack of visibility is not always lack of data: often information is scattered across tools that do not communicate with each other. The key is to connect endpoint, network, identity, and cloud telemetry, and transform data into rapid operational decisions. Additionally, visibility must include asset behavior: lateral movements, unexpected communications, or anomalous activities that go unnoticed among thousands of legitimate events.

The Transition to CTEM

The shift from traditional vulnerability management to models like CTEM (Continuous Threat Exposure Management) is irreversible. Seedorf considers it “natural in an era where technology is the main driver of competitiveness.” Vázquez explains that CTEM focuses on real exposure and attack paths, continuously validating which assets are accessible, which identities open unexpected doors, and which controls fail. It does not replace vulnerability management but expands it with a dynamic and operational view.

To delve deeper into how cybersecurity demands live vulnerability management, we invite you to read our previous analysis. And if you want to understand how generative AI can be integrated into these flows, don't miss our guide on implementing Generative AI in workflows.

Original source: ComputerWorld. Analysis and adaptation by ForgeNEX.