1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

4 security metrics that matter

Discussion in 'CSO' started by RSS, Aug 26, 2015.

  1. RSS

    RSS New Member Member

    As security gains greater visibility in boardrooms and C-suites, security professionals are increasingly asked to provide metrics to track the current state of a company's defenses. But which numbers really matter?

    More often than not, senior management doesn't know what kind of questions it should be asking -- and may concentrate too much on prevention and too little on mitigation. Metrics like the mean cost to respond to an incident or the number of attacks stopped by the firewall seem reasonable to a nonsecurity person, but they don't really advance an organization's security program.

    [ Deep Dive: How to rethink security for the new world of IT. | Discover how to secure your systems with InfoWorld's Security newsletter. ]

    Instead, experts recommend focusing on metrics that influence behavior or change strategy.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page