Developing Practical and Meaningful Cyber Security Metrics for the Enterprise

Presented: November 11, 2014 12:00 pm
Presented by: Ben Pokines, Matt Sweeney

Cyber security metrics often focus on compliance and exposure to risk based on factors such as number of attack vectors and duration of exposure to vulnerabilities. Based on trends published in reports such as the Verizon DBIR of 2013, current cyber security metrics practice needs to improve in order to detect cyber-attacks quickly and drive business action. Strong consensus needs to be built regarding adoption of a metrics-based continuous cybersecurity monitoring approach that closes the gap between security operations intelligence and business risk. We will discuss current gaps in cyber security metrics practice, identify potential methods to close the metrics gap, and share preliminary results gathered from deploying these methods internally at our organization.

Computer Icon

Host a Webinar with CSIAC

Are you interested in delivering a webinar presentation on your DoD research and engineering efforts?

Want to find out more about this topic?

Request a FREE Technical Inquiry!