The resources captured in this hub are here to serve the security community. To create them, we have poured in years of data science and cybersecurity expertise, as well as learnings from global deployments in some of the most advanced security programmes in the world.
Here you can find timely advice and best practices for cybersecurity metrics and measures to help you build an effective security programme and answer key questions about how well your organisation is managing controls coverage and security risks.
In this Metric of the Month, we discuss an approach to vulnerability prioritisation that goes beyond the typical severity index of critical, high, medium, low to create a multi-dimensional model that prioritises systems using various factors such as business context.
The reports, papers and other resources to be found here are inspired by our conversations with our customers and renowned security and risk experts at global organisations. We often commission industry reports, independent studies and gather insight to advance the field of cybersecurity metrics and measures.
This report reveals the biggest challenges in creating metrics to measure and report on risk: trust in data, time and resources, and knowing what metric to use. We discovered who are the most demanding stakeholders, the frequency of their requests and how much time security teams spend on creating and preparing metrics each month.