Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Edge Articles

1/10/2020
12:55 PM
Joan Goodchild
Joan Goodchild
Edge Articles
50%
50%

6 Unique InfoSec Metrics CISOs Should Track in 2020

You might not find these measurements on a standard cybersecurity department checklist. But they can help evaluate risks you haven't even considered yet.

A regular audience with executive management and the board is part of the CISO role now. And security leaders know they need to bring measurable information to the conversation to explain and justify their performance and spending. Metrics are no longer optional in security management, and if risk leaders aren't tracking elements such as mean time to detect and respond as well as attack frequency, they are leaving out a valuable aspect of a holistic security program.

But what else should we be measuring? Are there new, different, or emerging measurements that address other concerns?

Recently, we brought you the worst metrics used in security. This time, we've asked security professionals what they think are overlooked or newly emerging metrics that can help make the case for security in new ways. 

(Continued on next page)

Joan Goodchild is a veteran journalist, editor, and writer who has been covering security for more than a decade. She has written for several publications and previously served as editor-in-chief for CSO Online. View Full Bio

Previous
1 of 7
Next
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
   OVER THE EDGE
Building Cybersecurity Strategies in Sub-Saharan Africa

Filmed for Dark Reading News Desk at Black Hat Virtual.

LAURA TICH: We have that imbalance, where the big organizations are more protected, where the smaller ones -- which are the most common businesses in the region -- they are least protected... Sometimes they do get the tools, they do get the funding to buy some critical tools, but there's a lack of skills to handle or people who understand how to work those tools. So there are a lot of factors that contribute to our growth -- or lack thereof -- in the cybersecurity industry.

 

Name That Toon: Tough Times, Tough Measures
Latest Comment: Wear a mask, please!
Flash Poll