Tom Bowers, Technical Editor, Information Security magazine, presented this session at Information Security Decisions...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Most discussions of security metrics focus on abstract theory -- how to measure security using complex equations that are only practical in a "perfect" world. This session takes the opposite tack, honing in on real-world methods for developing security metrics given the technical and cultural constraints within the modern organization. Tom Bowers, manager of information security operations at a large pharmaceutical company and technical editor for Information Security, offers insight into metrics that work for his company and other organizations he's familiar with. Tom details current, real-world projects and explains how he and his fellow security practitioners demonstrated value to the business units, as well as the CFO and CIO, without expensive, time-consuming academic formulas.
Download this presentation and learn:
- The theories for generating metrics and if they apply to security
- Where to find measurable security statistics
- Practical low/no cost tools available
- Tips on presenting the business value where ROI is difficult to justify
- How to leverage security events occurring outside your company in your presentation