Tactical Advice

5 Characteristics of Effective Security Metrics

Being selective and smart about what you measure can help your organization’s IT security.
5 Characteristics of Effective Security Metrics

One of the golden principles of IT security is to maintain a robust system for monitoring. But what happens to your company’s security if you’re wasting time looking at the wrong data?

Dwayne Melançon, chief technology officer for Tripwire, recently attended a security summit where effective security metrics were discussed, and he wrote about it on the company’s blog.

According to what he learned, the security metrics that matter share these five characteristics:

  1. Effective metrics must support the business’s goals, and the connection to those goals should be clear.
  2. Effective metrics must be controllable. (In other words, don’t report on the number of vulnerabilities in your environment, since you can’t control that. Instead, report on the % of “Critical” systems patched within 72 hours, which you can control.)
  3. Effective metrics must be quantitative.
  4. Effective metrics must be easy to collect and analyze. (Wheatman says, “If it takes 3 weeks to gather data that you report on monthly, you should find an easier metric to track.”)
  5. Effective metrics are subject to trending. (Tracking progress and setting targets is vital to get people to pay attention.)

Do your security metrics meet this standard?

Sign up for our e-newsletter

About the Author

Ricky Ribeiro

Online Content Manager

Ricky publishes and manages the content on BizTech magazine's web site. He's a writer, technology enthusiast, social media lover and all-around digital guy. You can learn more by following him on Google+ or Twitter:

Security

Three Ways to Integrate Fire... |
Follow these tips to align the devices with log management and incident tracking systems.
Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...

Storage

The New Backup Utility Proce... |
Just getting used to the Windows 8 workflow? Prepare for a change.
How to Perform Traditional W... |
With previous versions going unused, Microsoft radically reimagined the backup utility in...
5 Easy Ways to Build a Bette... |
While large enterprises have the resources of an entire IT department behind them, these...

Infrastructure Optimization

Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Ensure Uptime Is in Your Dat... |
Power and cooling solutions support disaster recovery and create cost savings and...
The Value of Converged Infra... |
Improvements in security, management and efficiency are just a few of the benefits CI can...

Networking

Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...
How to Maximize WAN Bandwidt... |
Understand six common problems that plague wide area networks — and how to address them.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Mobile & Wireless

Now that Office for iPad Is... |
After waiting awhile for Microsoft’s productivity suite to arrive, professionals who use...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Hardware & Software

New Challenges in Software M... |
IT trends such as cloud, virtualization and BYOD pose serious hurdles for software...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.
The Tools That Power Busines... |
Ever-evolving analytic software can greatly improve financial institutions’ decision-...