Blog Posts Tagged with "metrics"

0a8cae998f9c51e3b3c0ccbaddf521aa

The subtle difference between metrics and insight

October 18, 2012 Added by:Rafal Los

The audience matters when you're collecting data and trying to make sense of it. In fact, the audience matters so much that sometimes you can't even 'refine' your way from one tier to another without going out and collecting a whole new set of data..

Comments  (2)

Bd07d58f0d31d48d3764821d109bf165

Five Tips for CISOs Presenting to the Board

October 01, 2012 Added by:Tripwire Inc

As security is becoming more important in the overall risk posture of organizations, boards are becoming more interested hearing directly from security executives which requires a different level of communication that CISO/CSOs may not be used to presenting...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Security Metrics: Five Tips

September 03, 2012 Added by:Tripwire Inc

By Dwayne Melancon - I was in a session with someone who provides security consulting, picking his brain for what is working as he helps organizations translate security into something meaningful to the business. This is the paraphrased version

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Countermeasures, Weather Forecasts, and Security Metrics

July 25, 2012 Added by:Tripwire Inc

Take a look at the things you measure. In particular, take a look at the things that become part of your bonus calculations or your performance reviews. If you are being measured against things that feel more like Tracking Indicators (like a weather forecast), then it’s time to renegotiate your Metrics...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

UP and to the RIGHT: Strategy and Tactics of Analyst Influence

July 23, 2012 Added by:Ben Rothke

If up and to the right is the desired Magic Quadrant location, how does one get there? For many tech firms, they often are clueless. In this book, Stiennon provides clear direction. For those looking to make the expedition to the land of Gartner, this book is a veritable Berlitz Guide on how to make the journey...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

What Actions Do Your Security Metrics Promote?

July 12, 2012 Added by:Tripwire Inc

“It is possible to focus on a single metric and drive it up or down, but wreak havoc on the organization through unintended side effects. Some organizations have to deal with some people “gaming the metrics”, which again can lead to unintended side effects. Other organizations use metrics as a way to begin a conversation..."

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Are Your Security Metrics “Top Five" Worthy?

July 09, 2012 Added by:Tripwire Inc

In conversations with infosec executives, a common question is “What should I really be measuring?,” or they make comments like “I report on a lot of things, but I am not sure what the top security indicators are that I should roll up to my executive team.” Here are the five characteristics of effective metrics...

Comments  (1)

68b48711426f3b082ab24e5746a66b36

Five Reasons Why You Need an Application Security Program

June 28, 2012 Added by:Fergal Glynn

Many organizations looking at application security for the first time struggle with why they should take a programmatic approach to tackling application security. The simple fact is that if someone wants your intellectual property, they are going to use software you bought, built or outsourced to get at it...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

OTA Introduces Online Trust Index Measuring Website Security

June 07, 2012 Added by:Headlines

"OTA's work to recognize best practices for sites underscores the importance of focusing on security and privacy holistically. This year's honor roll recipients have demonstrated exceptional leadership and commitment towards consumer protection and to enhance the vitality of the internet"...

Comments  (0)

1b061b1cec6b5898e5326992d9461610

Infosec Subjectivity: No Black and White

June 04, 2012 Added by:Dave Shackleford

Overall, here’s the rub: There are almost no security absolutes. Aside from some obvious things like bad coding techniques, the use of WEP, hiring Ligatt Security to protect you, etc... Everything else is in information security the gray area...

Comments  (1)

7fef78c47060974e0b8392e305f0daf0

NIST Workshop: The Technical Aspects of Botnets

May 16, 2012 Added by:Infosec Island Admin

NIST seeks to engage all stakeholders to identify the available and needed technologies and tools to recognize, prevent, and remediate botnets; explore current and future efforts to develop botnet metrics and methodologies for measuring and reporting botnet metrics over time...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Some Observations on Klout Scores

May 15, 2012 Added by:Ben Rothke

Influence is extremely difficult to measure. In the academic world, the Hirsch number is an index that attempts to measure the impact of a published work, but like every index it can be manipulated. So is Klout an effective method of measuring online influence? From my analysis, no...

Comments  (1)

B9d9352326e5421a02e698a51d10ad2c

Cybercrime Does(n't?) Pay

May 14, 2012 Added by:Beau Woods

Although many studies fail at basic science, I'm hopeful that the information security industry will get better both at true academic research and at coming up with accurate metrics for the most important data. We'll get there as we mature as an industry, but it will take a while...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Compliance: To Boldly Go Where the Board Needs to Go

April 29, 2012 Added by:Thomas Fox

I was thinking about Captain Kirk and his leadership of the Enterprise in the context of issues relating the Board of Directors responsibility in a company’s compliance program. Kirk did not have to deal with a BOD, but he did lead from the front, and that is what a CCO must do...

Comments  (0)

C787d4daae33f0e155e00c614f07b0ee

Making Security Metrics That Matter

April 22, 2012 Added by:Robb Reck

The traditional role of security in the organization has been that of a cost-center to be minimized. Security’s success has historically been defined by internally developed measures. We work to create best-practice metrics that show how mature the security program is...

Comments  (2)

44fa7dab2a22dc03b6a1de4a35b7834a

CIOs and Securing Data with Analytics

April 19, 2012 Added by:Bill Gerneglia

This expanding rate of potential threats call for a new way to approach corporate data security. The latest approach is one that is based on intelligence and BI tools. Security intelligence applies advanced analytics and automation technology to the collection of information from hundreds of sources across an organization...

Comments  (1)

Page « < 1 - 2 - 3 > »