Document Controls
For Security & Risk Professionals
| Primary Analyst Photo | Document Information | Rate this Document |
|---|---|---|
 |
July 22, 2008 Case Study: Verizon Business Builds An Asset-Based Security Metrics Programby Khalid Kark with Jonathan Penn, Alissa Dill, Allison Viglianti |
|
This is an excerpt
Executive Summary
In response to the evolving security threat environment and heightened attention to regulatory compliance, many companies started migrating from a purely reactive security program to a proactive risk-based security program. This has led to new challenges for chief information security officers (CISOs), who now need to convert the risk management vision set by the business into an actionable strategy for the security and risk management program. Sara Santarelli, CISO at Verizon Business, started moving her security practice in this direction five years ago when her team was developing an IP risk dashboard that is driven by "asset-based" metrics. Not only does this dashboard measure the effectiveness of the risk management program, but it also translates these measures into an actionable risk mitigation strategy. With asset-based testing and measurements, the results also provide the basis and justification for new security investments and projects.
This is an excerpt
Buy Risk-Free
Price: US $499
Our Service Guarantee: If you are not completely satisfied with this document, notify Forrester within 24 hours of purchase for a full refund.
Already a Forrester Client?
Log in to read this document.
