Insight into Security Metrics

We help clients with our collective expertise to advance security leader and program success. Find SEC insight, trends and perspectives to start and maintain your security metrics efforts.

Filter by

Insight into Security Metrics

The Risks of Outsourcing Information Security

Don't overlook the risks that accrue due to the loss of effective business controls over sensitive activities, particularly those associated with information infrastructure and vital information assets.
Click for more details
Insight into Security Metrics

Neglect and Apathy – Your Worst Enemies

Risks become avoidable when we put effective safeguards in place to counter them. They become inevitable when we fail to do our jobs — that is, when we disable or fail to enable essential security measures. Let’s look at a large retail chain as one example.
Click for more details
Insight into Security Metrics

Measuring Alignment Using Key Risk Indicators

I get a lot of questions about how Security can demonstrate with metrics that we have a positive connection to the core business strategy and objectives. Here’s one example.
Click for more details
Insight into Security Metrics

Threat Assessment: Measuring Likelihood

When you think about security threats to your business, which do you think are likely to manifest? What are the probabilities of a specific type of event occurring at a particular location? How do you convey your concerns to management without sounding like Chicken Little yelling that the sky is falling?
Click for more details
Insight into Security Metrics

Incident Analysis Identifies Business Practice Risk

Knowledgeable insiders are a serious threat to an organization, since they live inside protective measures. They have a unique understanding of the company's vulnerabilities and know how to use them to their own advantage.
Click for more details
Insight into Security Metrics

Increase Influence and Protection through Proactive Risk Assessments

We security professionals cannot sit back and wait for an incident to happen. We are paid to anticipate risk and engage in preventative activities that will eliminate hazards or minimize the impact on business operations and employee safety.
Click for more details