Security Metrics & Reporting

Background

Security Metrics & Reporting

If you look at the agenda topics on CISO gatherings and networking events, you will notice one of the biggest topics of discussion is effective management reporting up the chain to the executive team and board.

In a lot of cases there is a disconnect between the executive team and board and the security function. The board feels its not getting what it needs to support or challenge the security function, and at the same time the security function feels un-supported and doesn’t understand why as its producing all this great data.

This is where we can add real value.  Our expert team have spend significant time as CISO’s for major brands, but also as board advisors for cyber security… We see the problem all the time.

By elevating the reporting from the security function we can create what we call ‘meaningful metrics’ which the board can resonate and engage with and provide appropriate support and challenge.

We have transformed the relationship between the security function and the board for large and medium sized clients.

Service features

  • Industry recognised expertise embedded into your team and/or project
  • Identification of the key KPI/KRI for you current situation
  • Joint development / improvement of security dashboard based on our meaningful metrics framework

Outcomes current clients have experienced

  • Significantly improved relationship between CISO and the Executive / Board
  • Clarity on current priorities and constraints
  • The board feel enabled to support initiatives as they can see the problem and the solution
  • Greater understanding of current residual risk exposure