Really Useful Security Metrics
Shrdlu over at the Layer8 security blog has come up with a list of security metrics that will doubtless be very useful in communicating with your CISO:
- the number of times you have to beg your sysadmins to patch (per release cycle)
- the number of senior executives that violate the security policies they signed off on (per month or year)
- the number of conferences your boss refuses to send you to (per year)
- the number of security topics you discuss, divided by the number of drinks you have, at the one conference you’re allowed to attend
- the number of times you discover a homegrown “crypto” function during code reviews
- the number of times a security vendor tries to go over your head to make a sale (or at least schedule a demo)
- the number of (prohibited) iPads in your building, times the number of support requests for said iPads
- the number of times you have to explain cross-site scripting, per developer, per year (bonus if you have to explain it to a “security professional”)
- percentage of #LIGATT tweets in your tweetstream per day
- the number of times a network or application problem is blamed on “the firewall”
- number of incidents that you still aren’t sure really counted as actual incidents
- number of auditors per audit instance per year, times the number of staff members that have to interact with said auditors
- number of security-related PowerPoint slides generated per year, minus the number of recycled ones
- number of desks you’ve had to replace due to head damage, per job
Tags: ciso, security metrics