Lack of standard metrics to measure, manage and benchmark cyber risk limits security efficiency and effectiveness, making it difficult to prioritize and coordinate cyber defenses
- Single security truth from Board to Bits
- If you don’t know where you are going, any road will take you there
- Link operational cyber security, risk, compliance and threat management
- Establish coverage and gap metrics vs. threats, vulnerabilities, and attacks
- Integrated seamless security management and operations
- Progression from the decision to automation based on security risk appetite
To help you get started, here are a few questions:
You’re not locked into any of this; one of the wonderful things about blogs is how they constantly evolve as we learn, grow, and interact with one another — but it’s good to know where and why you started and articulating your goals may just give you a few other post ideas.