This chapter covers
- Designing a cybersecurity metrics program
- Building effective metrics dashboards
- Open source tools
- Analyzing and reporting to inform actionable decisions
- Common challenges and pitfalls and how to avoid them
Implementing an information security program is more than simply setting up defenses, checking boxes, and assuming everything is done. Organizations must continuously evaluate the effectiveness of their security measures. Collecting security data, and having the ability to measure and analyze it, is the best way to make better, more informed decisions. The metrics discussed throughout this book will allow you to measure the performance of your information security program. In addition, they can help you identify weaknesses, optimize your defenses, and report your standing to the C-level.
Chapter 3 discusses the importance of a well-designed cybersecurity metrics program. Here, I provide a repeatable and proven process using the METRICS (Measure, Evaluate, Threshold, Report, Improve, Communicate, and Sustain) methodology—a comprehensive guide for measuring and evaluating security performance to better align our efforts with business goals. This chapter presents the framework for building a sustainable and scalable metrics program.