Learning Security Metrics

Learning Security Metrics

English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 0h 46m | 301 MB

In most areas of business, specifics matter. This is especially true in the area of cybersecurity. If you’re a cybersecurity professional, you’ll have a very short career if the best answer you can come up with to security questions is “I think everything is pretty secure.” You need metrics and hard data to effectively communicate the value of your security programs and activities. In this course, Caroline Wong gives you a tried-and-true approach for customizing metrics that you can use to communicate the objectives and progress of your team’s cybersecurity initiatives. Caroline starts with an overview of the value of metrics, then covers the different ways you communicate cybersecurity topics to different groups like executives, business leaders, and engineers. She also covers risk management objectives, and finishes the course by going over examples of a number of important cybersecurity metrics.

Table of Contents

1 Why are security metrics important

1. Why Cybersecurity Practitioners Need Metrics
2 Cybersecurity is hard to measure
3 Cybersecurity investment
4 Define success for a cybersecurity program
5 Cybersecurity program maturity

2. Know Your Audience
6 The executive mindset
7 The business mindset
8 The technical leadership mindset

3. Risk Management Objectives
9 Defining a risk management objective
10 How to use a risk management objective
11 Examples of risk management objectives

4. Example Cybersecurity Metrics
12 Incidents detected internally vs. externally
13 Security NPS
14 Fixes implemented within SLA

15 Apply security metrics