Insight on Security Metrics

The SEC’s perspectives on KPIs and business alignment.

Filter by

Insight on Security Metrics

The Risk-Aware Organization

Security practitioners often equate security awareness programs with posters in break rooms, intranet alerts and informative brochures on the risk of the month. While these media serve a useful purpose, Security’s risk awareness strategy must be significantly more disciplined and structured than a periodic communication exercise.
Click for more details
Insight on Security Metrics

Security Awareness: A Few Key Indicators

If your company thinks
Security is the owner of security-related business risk, get your résumé up to date! Business process owners’ awareness is a fundamental element in a security risk mitigation strategy. We are paid to understand the range and depth of risks confronting the business in its various environments, to build strategies to mitigate them, and to educate our constituents on their responsibilities.
Click for more details
Insight on Security Metrics

Measuring Awareness of Access Control Responsibilities

Two key measures of the effectiveness of a security program are (1) how well security communicates the security responsibilities it expects employees to meet; and (2) the affirmation that those expectations are being met.
Click for more details
Insight on Security Metrics

Empower Critical Business Process Owners Through Awareness

Security has a unique perspective on risk that comes from gathering, analyzing and understanding threat and risk data. This insight obligates us to make our customers aware of the risks that could affect them, especially when those customers control the most sensitive and essential business processes in our companies.
Click for more details