Better metrics can show how cybersecurity drives business success
- by nlqip
For example, instead of reporting figures relating to the applications connected to active directory, which Ballarin says doesn’t speak to security’s impact on business success, the security leaders share how investments in incident response and recovery have shortened the downtime that could be expected in the case of an event and — more to the point — the dollar value of how many more sales could happen as a result of the faster recovery time.
“This shows that even though I can’t protect against all the attacks, that if a disaster happens, we have tested what everyone has to do and we can tie that to the [better] recovery time and the business value of being able to recover in a shorter timeline,” he explains.
Better metrics mean more effective communication
The movement to metrics that speak to business value does not negate the need for the longstanding metrics that security teams have used, Fusco and others say, noting that mean time to detect (MTTD), mean time to resolve (MTTR), mean time to contain (MTTC) and other foundational measurements are still important and informative.
Source link
lol
For example, instead of reporting figures relating to the applications connected to active directory, which Ballarin says doesn’t speak to security’s impact on business success, the security leaders share how investments in incident response and recovery have shortened the downtime that could be expected in the case of an event and — more to the…
Recent Posts
- A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
- CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- Xerox To Buy Lexmark For $1.5B In Blockbuster Print Deal
- Vulnerability Summary for the Week of December 16, 2024 | CISA
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict