For Security & Risk Professionals

March 31, 2006

Are We Secure Yet?

Defining Business-Centric Metrics For Information Security

by Khalid Kark

with Laurie M. Orlov, Paul Stamp, Samuel Bright

This is an excerpt

Executive Summary

Information security managers around the globe are frustrated. They are struggling to make sense of the reams of data being churned out in today's enterprise environment. The real challenge for them is not only to identify what is important but also to be able to tie this information from disparate tools into business-centric metrics so that the senior executives can understand them, take action, and be confident that the enterprise is secure. Security managers must differentiate between sustainable operational metrics that help them manage and business-centric metrics that are meaningful to top management. To craft the right metrics, information security managers need to subdivide the initiative into three discrete phases.

TABLE OF CONTENTS

  • Information Security Managers Struggle To Demonstrate Accountability
  • Security Managers Must Develop The Security Metrics That Matter
  • The Three Phases Of Developing Information Security Metrics

RECOMMENDATIONS

  • Successful Presentation: The Key To Getting Management's Attention

WHAT IT MEANS

  • Metrics Can Bridge The Chasm Between Business And Security
  • Supplemental Material
  • Related Research Documents
