Recently, I had one client describe their existing IT security metrics as ‘coffee table metrics’, meaning they looked pretty but they didn’t really tell him very much. What I gave him was a new set of metrics that ‘took the temperature’ of the risk dynamics occurring at multiple places within his IT estate. This let him see what his main risk issues were and gave him the understanding and measurements he needed to deal with those.
Drawing on my scientific training, I can design security risk metrics that will show you what is really going on within your environment.
Metrics that expose not just how much threat activity you are facing but the extent to which that activity is capable of causing you harm.
Metrics that expose not just how extensively a control has been implemented but its effectiveness at interceding in the progress of the threat and limiting the harm that threat can cause.
Metrics that show how much harm each threat is causing, and where to focus your effort to achieve the greatest effect.
If you would like a set of security risk metrics that tell you how much risk you have and where it is coming from within your IT estate, and provide data that will tell you what you can do about it, then do get in touch. Email me at email@example.com or call 07734 311567 (+44 7734 311567).