security metrics
The evolution of security metrics for NIST CSF 2.0
CISOs have long been spreadsheet aficionados, soaking up metrics and using them as KPIs for security progress. These metrics have traditionally measured specific systems or …
Company executives can’t afford to ignore cybersecurity anymore
Asked about the Board and C-Suite‘s understanding of cybersecurity across the organisation, only 39% of respondents think their company’s leadership has a sound …
7 metrics to measure the effectiveness of your security operations
Given inflation and economic uncertainty, the cybersecurity industry is starting to experience budget cuts, despite a surge in ransomware attacks. As more budgets are going …
The cybersecurity metrics required to make Biden’s Executive Order impactful
For too long, both the private and public sectors have not prioritized cybersecurity efforts enough and only acted in “good faith” – an inadequate effort to improve …
What prevents companies from achieving effective security performance management?
Cybersecurity performance is critical to achieving commercial success, according to a BitSight study. Among the study’s most interesting findings is that nearly two in five …
CISO do’s and don’ts for board reporting
Security is no longer just a job for IT – it impacts all areas of a business, from brand perception to the bottom line. As a result, CISOs are increasingly being asked to …
Structural integrity: Quantifying risk with security measurement
In my previous post, we set up the foundation for a risk quantification program. Many organizations have begun this part of their security strategy and are learning how to …
Most organizations suffered a business-disrupting cyber event
A study conducted by Ponemon Institute found that 60 percent of organizations globally had suffered two or more business-disrupting cyber events — defined as cyber attacks …
Even with internal focus, most companies utilize external resources for cybersecurity
A greater reliance on metrics to measure success combined with enhancing skills across security teams can help organizations boost their cybersecurity effectiveness, according …
Why security products should be more actionable for users
As an active angel investor in companies that want to bring new security technology into the market, Azi Cohen is most likely to be persuaded to invest by three things: an …
How to adopt the mindset of continuous security for security operations
In this podcast recorded at RSA Conference 2018, Dino Dai Zovi, co-founder and CTO at Capsule8, talks about what continuous security is, and how you should bring more of this …
G Suite users get a better view of their enterprise security posture
Google is rolling out a new security tool for G Suite Enterprise users: the Security Center. The tool aims to give administrators a better understanding of their …