The resources captured in this hub are here to serve the security community. To create them, we have poured in years of data science and cybersecurity expertise, as well as learnings from global deployments in some of the most advanced security programmes in the world.
Here you can find timely advice and best practices for cybersecurity metrics and measures to help you build an effective security programme and answer key questions about how well your organisation is managing controls coverage and security risks.
Cybersecurity can be a race against time. You need to know how long it takes to detect a vulnerability or threat event that could cause impact and respond to contain it. It’s an essential metric. But measuring ‘mean time to detect and respond’ can be a double-edged sword.
The reports, papers and other resources to be found here are inspired by our conversations with our customers and renowned security and risk experts at global organisations. We often commission industry reports, independent studies and gather insight to advance the field of cybersecurity metrics and measures.
This report reveals the biggest challenges in creating metrics to measure and report on risk: trust in data, time and resources, and knowing what metric to use. We discovered who are the most demanding stakeholders, the frequency of their requests and how much time security teams spend on creating and preparing metrics each month.