How do we manage what we can’t measure? One of the cornerstones of the scientific method is measurability: a focus on defining the ways of counting or measuring aspects of reality that we hope will be ...

As cyberthreats grow more sophisticated and costly, business leaders are pouring more money than ever into cybersecurity ...

For security professionals, two free risk-management guides out this week provide directions on how to establish corporate security metrics, as well as tips on organizing risk-assessment and ...

Security teams have learned to measure activity. The harder task is turning those measurements into signals directors can use to govern risk. Security teams live in a world of numbers. Dashboards ...

For years, organizations have relied on traditional security metrics to measure their risk posture. Service-level agreements (SLAs), issue closure rates, and compliance checklists dominate dashboards, ...

In 2023, the cybersecurity challenges in the Operational Technology (OT) and Industrial Control Systems (ICS) landscape reached unprecedented levels. Ransomware, increasingly prevalent through new ...

Security and risk management (SRM) leaders face mounting pressure from executives to ensure that security incidents are managed effectively, minimizing disruptions to enterprise performance and ...

CISOs are finding new measures to quantify the business value of cybersecurity investments that can show how a security team’s work supports a company’s top and bottom lines. Longtime security chief ...

The Center for Information Security also launches a new service that enables companies to compare their security performance with their peers The Center for Internet Security (CIS) is set to release ...