Those of us who read this magazine regularly know about security metrics. We have read about their value and seen monthly examples of useful metrics and what to do with them. But, ladies and gentlemen ...

In lean times, a business process metrics program might seem like something that’s nice to have but not essential. However, identifying, redesigning, and monitoring just one critical business process ...

Over the past several months, we have discussed a number of metric examples. It is important to place these in a context of organizational accountability. Where does accountability lie for the ...

The slides are perfect. Every box on the dashboard is green. After an hour of briefing, senior leaders nod, thank the team and move on. Two months later, the program slips a key delivery and scrambles ...

Effectively managing cybersecurity programs is a bottom-line issue. Learn how to provide specific, measurable metrics targeted to your stakeholders. When it comes to measuring the performance of their ...

In this chapter, the committee begins by discussing metrics in general, including terminology and a kind of taxonomy of metrics, what metrics cannot do, and some thoughts on measuring trust and ...

As solutions to managing cybersecurity threats increase, surprisingly few metrics are available on how well these methods work to secure organizational assets. The National Institute of Standards and ...

Randy Marchany has been involved in the computer industry since 1972. He is currently the Virginia Tech Information Technology Security Officer and the Director of the Virginia Tech IT Security Lab.