ONALASKA, Wis., Nov. 17, 2016 /PRNewswire/ -- Sergeant Laboratories is excited to announce the launch of a new information series to highlight top issues present in the information security industry. To launch this important new series, Sergeant Laboratories hopes to increase the understanding of what vulnerability and risk metrics are and how to present important information to management. Logo - http://photos.prnewswire.com/prnh/20161116/440361LOGO Even among information security professionals, vulnerability and risk metrics are often misunderstood. This is because many security professionals do not have the proper tools and processes in place to collect the metrics and, ultimately, measure risk. Many people miss the connection that vulnerability metrics are a function of four distinct elements: Continuous monitoring, asset inventory, asset connections, CPEs and threat data. If any of these elements are unaccounted for, or change randomly, the resulting vulnerability and risk metrics will become skewed. If a security professional uses these skewed metrics to attempt to manage risk, then the organization will be vulnerable to a potential security breach since the metrics are inaccurate. Commenting on the misunderstanding of vulnerabilities, Sergeant Laboratories CEO Eric Anderholm explained that, "In an ever-changing cyber landscape, vulnerabilities are constantly being introduced, patched, and reintroduced. Being able to determine which of those vulnerabilities are critical to an IT infrastructure, remediating them, and proving to management that security processes are working is a key step in locking down a network. To do this, you need to understand the metrics you are seeing and be able to show management that security risk is being managed." To mitigate risk effectively, information security professionals must begin to manage risk like they would any other aspect of the business. To do this, they need access to meaningful vulnerability and risk data that paint an accurate, updated picture of the organization's security risk posture at the point of inquiry. The first step in gathering these meaningful metrics and presenting them to management is having the proper process in place to college, analyze, report on, and remediate threats to the network.