New Resource: Industry Statistics and Metrics
A collection of information security metrics and statistic resources to use when discussing the state of information security. Many of the typical suspects are here – DDoS, Ransomware, SPAM, Insider…
When Security Metrics Miss The Point
After countless years of presenting to boards, executives, and colleagues, I’ve found that I’ve developed almost a split-personality when I’m asked about what metrics to track.
SecurityWeek: Quest for Cybersecurity Metrics Fit for Business
Developing clear, well defined cybersecurity metrics are necessary for the business lines to understand the risk they face. Therefore, it is often a challenge because technical risk doesn’t always relate…
SecurityWeek: Fighting CyberSecurity FUD and Hype
An interview with SecurityWeek around how FUD permeates the cybersecurity industry and how security vendors use it to sell unnecessary products. Increasingly, vendors have come under scrutiny with the never…