Get Started: Creating InfoSec Metrics

What should I measure, and why? Information security metrics measure a security program’s implementation, effectiveness, and impact. They are tools designed to facilitate decision making and improve performance and accountability. Yet where should a higher education institution start when collecting and analyzing relevant information security performance-related data? How do you detect trends in the data you have? How might information security threat intelligence data be used in your metrics program? This session will introduce participants to internal and external data sources that can be used to create information security metrics and best practices resources to help create information security metrics.

Learning outcomes:

• Differentiate between internal and external sources of metrics data
• Learn about different types of information security metrics
• Discover resources to help you in creating information security metrics