Relieving The Cyber Metrics Headache
August 24, 2020
An oft-quoted business maxim is “if you can’t measure it, you can’t manage it”. Despite its straightforward logic, this truism has its detractors. These people have clearly never met a compliance auditor or the board-level sponsor of an enterprise cybersecurity strategy. If they had, the importance of metrics to the management of cyber risk would be abundantly clear, as would the criticality of being able to prove your position beyond doubt.
That’s because at the heart of any effective security programme are metrics: the objective measurements that answer key questions about how well the organisation is managing controls coverage and security risks.
When done right, metrics help enterprises create a stronger security posture by ensuring a control failure does not turn into a security incident.
Read the full article by the Cyber Security Magazine.