Module 3: Vulnerability prioritization

AINS6302 — AI for Risk Assessment

Essential Question

Which weaknesses matter most now?

Scenario

a cyber risk committee prioritizing mitigation across assets with different exposure and business value

Stakeholders: CISO, risk officer, system owner, auditor, and executive sponsor

Core Moves

• Define the decision boundary

• Compare baseline and alternative

• Interpret evidence and assumptions

• Identify failure modes

• Recommend next action

Lab & Assignment

Prioritize vulnerabilities with contextual features.

Artifact: cyber risk assessment package with scoring rationale, treatment plan, and executive dashboard focused on vulnerability prioritization: Prioritize vulnerabilities with contextual features.