Vulnerabilities / Threats
2/10/2012
04:30 PM
50%
50%

5 Tactical Security Metrics to Watch

Wondering how secure your corporate network is? Experts offer a checklist of things to do and areas to monitor.

10 Massive Security Breaches
(click image for larger view)
Slideshow: 10 Massive Security Breaches
Ask security professionals for a list of important metrics, and expect to get a long list with much debate. Yet information security managers need a way to keep track of their progress on securing the network, while watching out for potential threatening situations.

Good metrics can help define the fight. Although many professionals might argue that it's better to have as much information on the security of their network as possible, too much information can blind practitioners to what is going on, said Mike Lloyd, chief technology officer for network monitoring and discovery firm RedSeal Networks.

"You don't have to have, nor want, a dashboard like an airplane," he says. "You want a dashboard that's more like a car."

In its own dashboard for clients, RedSeal goes to one extreme: A single overall score for network risk. Drilling down on the score is what reveals the specific metrics that make up the score. A network map and two Top 10 lists round out the dashboard.

Verizon and its managed security practice focuses more on incident metrics. Tracking what goes wrong can help an IT manager figure out where to allocate resources, said Christopher Porter, a principal of Verizon's RISK team.

"The types of incidents that you have in your organization are kind of indicative of the people, process, and technology that you have in place," he said.

Here are five metrics recommended by the companies for staying on top of risks:

1. Your ignorance. From Sun Tzu to Donald Rumsfeld, military generals interested in security are always worried about what they don't know. Security practitioners should take a page from their playbooks, said RedSeal's Lloyd.

Read the rest of this article on Dark Reading.

Email encryption, rights management, email gateways and full-on data loss prevention systems can keep corporate data secure. Consider the pros and cons of each to determine what's best for your business. Download our Email And Data Loss report. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] Assessing Cybersecurity Risk
[Strategic Security Report] Assessing Cybersecurity Risk
As cyber attackers become more sophisticated and enterprise defenses become more complex, many enterprises are faced with a complicated question: what is the risk of an IT security breach? This report delivers insight on how today's enterprises evaluate the risks they face. This report also offers a look at security professionals' concerns about a wide variety of threats, including cloud security, mobile security, and the Internet of Things.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.