Insight on Security Metrics

The SEC’s perspectives on KPIs and business alignment.

Filter by

Insight on Security Metrics

What is the Cost of a Bad Employee

Even a single insider incident can rise to the level of a serious crisis. the time involved in resolving an insider misconduct case resulting in termination for cause is one small aspect of reputational risk.
Click for more details
Insight on Security Metrics

What Is a Reportable Security Violation in Your Organization?

Security is a key player in the governance of internal controls. How serious is the notion of compliance in your company?
Click for more details
Insight on Security Metrics

Security Issues in Leased vs. Owned Property

Whether a company owns or leases properties for its various operations often depends on cost and logistics, but risk should also be considered.
Click for more details
Insight on Security Metrics

Working with Customers for Better Access Control

Access management is a core safeguard. Understand the range of risks driving this set of safeguards and work with your customers to tailor the protection strategy for results.
Click for more details
Insight on Security Metrics

Security Operations Control Center Metrics

The security operations control center (SOCC) is one of the most critical functions of the security organization, where customer service, first response and risk management combine to provide the most visible and essential corporate security services.
Click for more details
Insight on Security Metrics

Demonstrate a Need for Stronger Background Vetting

A comprehensive background investigation program is critical to the health and integrity of any enterprise and the quality of internal and external background vetting is critical.
Click for more details
Insight on Security Metrics

Be a Learning Organization

Do you routinely dig into your incidents to identify the root causes and pass on the learning to those who need to know? If not, plan on logging more of the same and documenting allegedly smart people repeating their mistakes — or worse.
Click for more details
Insight on Security Metrics

Create a Measures Map

Objective: To visually convey our understanding of and response to a risk event, to show how that risk links to applicable metrics, and to demonstrate that measures are being taken to mitigate future risk.
Click for more details
Insight on Security Metrics

Gain Support by Illustrating Security's Response Time

We hear a lot about first responders. In the proactive security organization, our security operations teams are the ones that get the initial emergency call and move to assess it and respond from within. Is your organization up to the test of that call?
Click for more details
Insight on Security Metrics

Tracking Leading and Lagging Indicators

Senior management and analysts in the businesses we serve are constantly tracking and evaluating a host of economic and programmatic indicators to provide alerts on changes in market conditions that need to be addressed.
Click for more details
Insight on Security Metrics

Create a Business Unit Scorecard

Objective: To assess the security of various business units and effectively communicate our findings and recommendations to business leaders.
Click for more details
Insight on Security Metrics

Determine the Exploitability of Selected Security Defects

Objective: To estimate the probability of loss in areas of concern, given known vulnerabilities.
Click for more details
Insight on Security Metrics

Corporate Security Metrics - Key Performance Indicators: Examples

Following are some KPI samples by way of charts that might be used in executive communications. Use them to generate ideas for performance indicators your security organization should deploy.
Click for more details