Insight on Security Metrics

The SEC’s perspectives on KPIs and business alignment.

Filter by

Insight on Security Metrics

The Risk-Aware Organization

Security practitioners often equate security awareness programs with posters in break rooms, intranet alerts and informative brochures on the risk of the month. While these media serve a useful purpose, Security’s risk awareness strategy must be significantly more disciplined and structured than a periodic communication exercise.
Click for more details
Insight on Security Metrics

Security Awareness: A Few Key Indicators

If your company thinks
Security is the owner of security-related business risk, get your résumé up to date! Business process owners’ awareness is a fundamental element in a security risk mitigation strategy. We are paid to understand the range and depth of risks confronting the business in its various environments, to build strategies to mitigate them, and to educate our constituents on their responsibilities.
Click for more details
Insight on Security Metrics

Measuring Awareness of Access Control Responsibilities

Two key measures of the effectiveness of a security program are (1) how well security communicates the security responsibilities it expects employees to meet; and (2) the affirmation that those expectations are being met.
Click for more details
Insight on Security Metrics

Create A Security Awareness Dashboard

One of the fundamental obligations we have in corporate security is to understand the potential for “what if” and communicate our knowledge and concerns both to those who could be affected and to those who have accountability for protecting the assets of the enterprise.
Click for more details