Blog Posts Tagged with "metrics"
October 18, 2012 Added by:Rafal Los
The audience matters when you're collecting data and trying to make sense of it. In fact, the audience matters so much that sometimes you can't even 'refine' your way from one tier to another without going out and collecting a whole new set of data..
October 01, 2012 Added by:Tripwire Inc
As security is becoming more important in the overall risk posture of organizations, boards are becoming more interested hearing directly from security executives which requires a different level of communication that CISO/CSOs may not be used to presenting...
September 03, 2012 Added by:Tripwire Inc
By Dwayne Melancon - I was in a session with someone who provides security consulting, picking his brain for what is working as he helps organizations translate security into something meaningful to the business. This is the paraphrased version
July 25, 2012 Added by:Tripwire Inc
Take a look at the things you measure. In particular, take a look at the things that become part of your bonus calculations or your performance reviews. If you are being measured against things that feel more like Tracking Indicators (like a weather forecast), then it’s time to renegotiate your Metrics...
July 23, 2012 Added by:Ben Rothke
If up and to the right is the desired Magic Quadrant location, how does one get there? For many tech firms, they often are clueless. In this book, Stiennon provides clear direction. For those looking to make the expedition to the land of Gartner, this book is a veritable Berlitz Guide on how to make the journey...
July 12, 2012 Added by:Tripwire Inc
“It is possible to focus on a single metric and drive it up or down, but wreak havoc on the organization through unintended side effects. Some organizations have to deal with some people “gaming the metrics”, which again can lead to unintended side effects. Other organizations use metrics as a way to begin a conversation..."
July 09, 2012 Added by:Tripwire Inc
In conversations with infosec executives, a common question is “What should I really be measuring?,” or they make comments like “I report on a lot of things, but I am not sure what the top security indicators are that I should roll up to my executive team.” Here are the five characteristics of effective metrics...
June 28, 2012 Added by:Fergal Glynn
Many organizations looking at application security for the first time struggle with why they should take a programmatic approach to tackling application security. The simple fact is that if someone wants your intellectual property, they are going to use software you bought, built or outsourced to get at it...
June 07, 2012 Added by:Headlines
"OTA's work to recognize best practices for sites underscores the importance of focusing on security and privacy holistically. This year's honor roll recipients have demonstrated exceptional leadership and commitment towards consumer protection and to enhance the vitality of the internet"...
June 04, 2012 Added by:Dave Shackleford
Overall, here’s the rub: There are almost no security absolutes. Aside from some obvious things like bad coding techniques, the use of WEP, hiring Ligatt Security to protect you, etc... Everything else is in information security the gray area...
May 16, 2012 Added by:Infosec Island Admin
NIST seeks to engage all stakeholders to identify the available and needed technologies and tools to recognize, prevent, and remediate botnets; explore current and future efforts to develop botnet metrics and methodologies for measuring and reporting botnet metrics over time...
May 15, 2012 Added by:Ben Rothke
Influence is extremely difficult to measure. In the academic world, the Hirsch number is an index that attempts to measure the impact of a published work, but like every index it can be manipulated. So is Klout an effective method of measuring online influence? From my analysis, no...
May 14, 2012 Added by:Beau Woods
Although many studies fail at basic science, I'm hopeful that the information security industry will get better both at true academic research and at coming up with accurate metrics for the most important data. We'll get there as we mature as an industry, but it will take a while...
April 29, 2012 Added by:Thomas Fox
I was thinking about Captain Kirk and his leadership of the Enterprise in the context of issues relating the Board of Directors responsibility in a company’s compliance program. Kirk did not have to deal with a BOD, but he did lead from the front, and that is what a CCO must do...
April 22, 2012 Added by:Robb Reck
The traditional role of security in the organization has been that of a cost-center to be minimized. Security’s success has historically been defined by internally developed measures. We work to create best-practice metrics that show how mature the security program is...
April 19, 2012 Added by:Bill Gerneglia
This expanding rate of potential threats call for a new way to approach corporate data security. The latest approach is one that is based on intelligence and BI tools. Security intelligence applies advanced analytics and automation technology to the collection of information from hundreds of sources across an organization...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013