Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Edge Articles

9/19/2019
07:00 AM
Ericka Chickowski
Ericka Chickowski
Edge Features
Connect Directly
Twitter
RSS
E-Mail
50%
50%

The 20 Worst Metrics in Cybersecurity

Security leaders are increasingly making their case through metrics, as well they should - as long as they're not one of these.

Number Of Threats Blocked By Security Controls

Says Tim Bandos, vice president of cybersecurity, Digital Guardian: "Of course, it sounds amazing to report to the board that your controls blocked millions upon millions of threats at your perimeter firewall, but anecdotally this is the absolute worst. It sends the wrong message in relation to the effectiveness of your cybersecurity program and doesn't truly gauge how resilient your organization is to an actual threat, such as ransomware or a state-sponsored attack.

"A better metric, in my opinion, is the mean cycle time from initial infection to detection, or the duration to neutralize a successful threat, because at some point they will get in!"

(Image: ASDF via Adobe Stock)

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Previous
13 of 21
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
100%
0%
RyanSepe,
User Rank: Ninja
9/23/2019 | 1:16:23 PM
Re: So many bad metrics...
I second this. A juxtaposing list would be helpful considering that this list covers a lot of prevalently used metrics in the industry.
peterhill
100%
0%
peterhill,
User Rank: Apprentice
9/19/2019 | 9:03:32 AM
So many bad metrics...
What's left?  How about a follow up on the 20 best metrics?
Flash Poll