How Asurion Escaped the “Fix Every Vulnerability” Hamster Wheel

Thursday, June 8, 2023

9:00 - 10:00 AM PDT

60 minutes, including Q&A

Asurion’s vulnerability management program was stuck in an endless loop of spreadsheets, Power BI, unaddressed cyber risk, and frustrated team members. When it became clear that the firehose of vulnerabilities coming from applications, cloud and traditional infrastructure was never going to slow down, they reached their tipping point.

Join Jim Desmond, Chief Security Officer, and Ian Kirk, Director of Vulnerability Management & Security Development at Asurion to learn how Asurion, the world’s leading tech care company, embraced a risk-based approach to vulnerability management. Discover how they got off the hamster wheel and put security, IT and development on the same path to reduce the risks that pose a real threat to the business.

By attending this session you will learn how Asurion:

  • Focuses remediation efforts on the vulnerabilities and findings that pose the biggest risk to the business
  • Uses a live, detailed picture of their assets, including ownership, to hold business and technical teams accountable for risk reduction
  • Built a collaborative team approach to risk reduction across business leaders, technical teams and security
  • Centralized vulnerabilities, findings, and asset data from 20+ tools across their applications, cloud and traditional infrastructure
  • Reduced business-critical vulnerabilities by 80%

Sponsored by:



Jim Desmond

Chief Security Officer


Jim Desmond is a career security professional and the Chief Security Officer at Asurion, a global device protection company based in Nashville, TN. He has well over 20 years of experience in technology & security leadership with a historical focus on financial services, working for such companies as National City Bank (now PNC), Intuit, Merrill Lynch and Vantiv (now Fiserv). Jim holds an undergraduate degree from The Ohio State University, a masters degree in Information Assurance from Norwich University and multiple security certifications. A Cleveland, Ohio native, he is an inveterate fan of all Cleveland sports.

Ian Kirk

Director of Vulnerability Management


Ian Kirk is the Director of Vulnerability Management at Asurion and has held a number of roles over his 16 years with the organization, including international assignments and founding their Cloud Governance organization. His focus is developing new teams and processes to bring value to the organization. Outside of the office Ian supports his wife’s equine therapy program and seeks out adventure sailing on tall ships.

Terry Sweeney


Black Hat

Terry Sweeney is a Los Angeles-based writer and editor who's covered business technology for three decades. He's written about cyber security for more than 15 years and was one of the founding editors of Dark Reading. Sweeney has covered enterprise networking extensively, as well as its supporting technologies like storage, wireless, cloud-based apps and the emerging Internet of Things. He's been a contributing editor to The Washington Post, Crain’s New York Business, Red Herring, Information Week, Network World, SearchAWS.com, and Stadium Tech Report.

Sustaining Partners