Metrics that Matter

Historically security metrics have not provided the value to executives to understand the security return on investment and the effectiveness in reducing risk. We will cover previous challenges of metrics as well as identifying methods to improve overall communication on the status of your program. Examples of metrics include: – Capability Metrics – Defining security capabilities, tracking performance bands, reporting on exceptions – Operational Metrics: Time to Detect, Time to investigate, Time to Respond, and Time to Mitigate – User Metrics: Touch points from security to employees, phishing results Learn how to improve metrics through playbook automation and machine learning. – Technology Value Metrics: How to determine if this tool is operating up to expectation? Attendees will also receive a top 10 metrics template to help them get started with creating metrics that matter.