Cyber security metrics often focus on compliance and exposure to risk based on factors such as number of attack vectors and duration of exposure to vulnerabilities. Based on trends published in reports such as the Verizon DBIR of 2013, current cyber security metrics practice needs to improve in order to detect cyber-attacks quickly and drive business action. Strong consensus needs to be built regarding adoption of a metrics-based continuous cybersecurity monitoring approach that closes the gap between security operations intelligence and business risk. We will discuss current gaps in cyber security metrics practice, identify potential methods to close the metrics gap, and share preliminary results gathered from deploying these methods internally at our organization.
Ещё видео!