The Numbers That Count – Communication at the Nexus of Data and Security

No ratings

Presented at CISOpittsburgh 2015 by

Omar Khawaja

Sean Sweeney

We’ve heard the mantra “you can’t manage what you don’t measure.” The truth of this axiom is felt most acutely in security, where the need of proper management magnifies the necessity of great measurement. But numbers for numbers sake don’t help IT executives build business support for strategies and tools. With copious data available, leaders must understand the most critical information, distinguishing between operational metrics needed to run their programs daily and the metrics that need to be shared with leadership throughout the business. This discussion examines what needs to be measured, how to effectively package metrics and methods for leveraging them to tell a story the business cares about — and needs to remain secure.