A Security Paradigm Shift: Story Worrying. Love Metrics.
2SANS Cybersecurity Leadership Summit 2022
Speaker: Shirley Salzman
You can't manage what you can't measure - and yet security leaders are expected to do exactly that on a daily basis. You need metrics to be vigilant about the details while not losing sight of the big picture. Like a doctor who treats an illness while keeping sight of long term health; or a CEO who lives in today's market while preparing for tomorrow's. It is no surprise that security organizations invest huge resources and time to generate and access metrics. But with a large number of simultaneous standards, an ever-growing pool of tools and constantly changing threats, even those with analytics teams are struggling to correlate their decisions with their real-time cyber performance. In this presentation we will discuss what it takes to lead a durable security metrics program that would give security leaders a simple way to lead with metrics and how to prioritize metrics to align with fast-changing goals. The resulting metrics would give security leaders dynamic intelligence and continuous confidence to make better decisions, give management an easier way to grasp the context of their security posture, and stop security teams spending vast amounts of time and effort on data analysis; they would instead empower them to secure their business.
View upcoming Summits: http://www.sans.org/u/DuS
Download the presentation slides (SANS account required) at https://www.sans.org/u/1iaE