Defense in Depth Telling Stories with Security Metrics
12 snips
Jul 11, 2024 CEO Shirley Salzman from SeeMetrics discusses the purpose of metrics in storytelling, answering business questions, and effective communication. Experts touch on efficiency, challenges in security metrics, contrasting security mindsets, and tackling ransomware attacks. The importance of continuous monitoring, dynamic dashboards, and risk tolerance in security metrics are highlighted, along with a promotion for cybersecurity templates and metrics solutions by Cmetrix.
AI Snips
Chapters
Transcript
Episode notes
Prioritizing Security Efforts
- Focus on your most critical business processes and the systems that support them.
- Then, secure all aspects of these systems.
Measuring and Communicating Risk
- Understand the board's concerns and use a standard like NIST-RMF to measure against.
- Tie cyber risk directly to business risk using financial terms.
Efficiency vs. Effectiveness
- There's a difference between focusing on resource efficiency and attack effectiveness.
- Security needs to enable the business, not dictate its operations.