In an environment where physical and cyber risks are increasing, it is critical that security organizations maintain well established security metrics to better control, track, and refine preparation, mitigation, and response operations to replace fear and uncertainty in organizational functions.

While executives are concerned with how secure their organizations is, the likelihood of a breach occurring, and what security programs are most effective at protecting people and assets, security metrics should be shaped to provide visibility into operational effectiveness and illustrate strategic value of those operations.

Using examples from security metric programs developed for federal and private security focused organizations, this presentation will share contemporary best practices for security metrics and measures for security organizations.

Program Objectives:

  • Understand the challenges with designing security measures and metrics that are relevant to the current and future hyper-connected security landscape and ecosystem
  • Understand how to present security measures and metrics that provide business value to the leadership echelon based on the maturity and culture of the organization
  • Understand how to use and present different types of security metrics (lagging and leading strategic, operational, and tactical) to effectively convey the intended message based on the needs and interests of the audience