SEM01A-Using Information Security Metrics to Demonstrate Value and Drive Improvements (separate registration required)
In the face of regular, high-profile news reports of security breaches, as well as intense scrutiny of overall institutional costs, security managers may find themselves struggling to demonstrate strategic value and gain insight into the operational effectiveness of their information security programs. Well-considered security metrics can help them meet this challenge. This session will define security metrics, describe the characteristics of truly effective metrics, discuss different types of metrics and where they are best used, and provide tips for communicating metrics to executives. Numerous examples of security metrics will be covered, including those that session participants are currently using or considering and would like to discuss.
Presenters
-
AVP for Information Security, Policy & Records (Retired), University of Virginia