Measure Yo Bad Self - SANS Security Operations Summit 2108
SANS Summit schedule: http://www.sans.org/u/DuS
Presenter: Carson Zimmerman, Microsoft
Advancing in capability and maturity is a must for most any cybersecurity operations center (CSOC), as they are compelled to keep pace with their environment, mission, and adversaries. Measuring CSOC effectiveness through the right data gathering can drive evolution and focus the team’s efforts. Yet some CSOCs may view a formal metrics program as too complicated to try; for others, overzealous obsession by management may turn “metrics” into a four-letter word in the eyes of many analysts. It doesn’t have to be this way. In this talk, Carson will offer some practical examples for metrics usable by CSOCs of any age, maturity level, or size. The presenter will step through some practical metrics that help CSOCs measure and grow their level of effectiveness, and provide some advice on how to avoid common metrics pitfalls.