Newsletters Welcome, Guest Log In | Register


Join the Community

Exchange

Get full access to our community's expertise and resources.

Register Now >

Currently Being Moderated

Definitions: Security Metrics

0

Created on: Jan 27, 2009 10:15 AM by CrystalBedell - Last Modified:  Jan 27, 2009 10:19 AM by CrystalBedell

Definition

Security metrics are measurements of key performance indicators that help  organizations establish relationships between different dimensions of their  security strategy.

 

 

Business applications

Security metrics are often used to justify security spending to C-level executives, whether by illustrating the present risk or showing how  security investments have helped mitigate risk. For example, an organization  might measure the number of incidents that occurred within an IT infrastructure  during a given time period, and the amount of time and money needed to resolve  them. This data may help the organization demonstrate a need for additional  security spending or prove a return on technology investment.

 

 

Deployment Concerns

Given the dynamic nature of technology and the threat  landscape, security metrics quickly become outdated. They also lack standardization, so organizations  cannot easily compare their security posture to best practices or even other  organizations within the same industry. Organizations can deploy an automated  security metrics program to help ensure that metrics are current, but they are  still limited in their ability to compare metrics.

 

When presenting security metrics, IT professionals must be  careful to present the findings in relation to the business.  C-level executives and upper-management must be able to understand the business  impact of the security metrics to understand how they justify security  spending.

Average User Rating
(0 ratings)




Add a comment Leave some feedback about this document.

There are no comments on this document

Disaster Recovery & Business Continuity Template Pack

Prepare your company for any type of disaster you can envision and those you cannot. Immediately download this comprehensive set of templates and tools for documenting your business contingency plans.

Learn more >

Social Media Policies Toolkit

Define the rules at your company for the proper use of social media platforms such as Blogs, Twitter, Facebook and Youtube. Ensure your users are spending their time productively and company resources are being used for the business.

Learn more >

Managing and Auditing IT Vulnerabilities

This guide recommends specific management practices to help an organization achieve and sustain higher levels of effectiveness and efficiency and illustrates the differences between high- and low-performing vulnerability management efforts.

Software Forum: Information On Demand Virtual Experience

This interactive virtual forum presents leading IT experts providing the insights you need to turn your information into a strategic driver for innovation, business optimization and competitive differentiation.