For security professionals, two free risk-management guides out this week provide directions on how to establish corporate security metrics, as well as tips on organizing risk-assessment and ...

The Center for Internet Security and the Open Group’s security division have each published comprehensive risk-management guides, the first defining a basis for security metrics and the second a ...

For years, organizations have relied on traditional security metrics to measure their risk posture. Service-level agreements (SLAs), issue closure rates, and compliance checklists dominate dashboards, ...

With the US Securities and Exchange Commission requiring CISOs and boards of directors to increase the level of transparency around their organizations' cybersecurity capabilities and to speed up ...

Security teams have learned to measure activity. The harder task is turning those measurements into signals directors can use to govern risk. Security teams live in a world of numbers. Dashboards ...

The Environmental Protection Agency's logo is displayed on a door at its headquarters on March 16, 2017, in Washington, D.C. (Photo by Justin Sullivan/Getty Images) The Environmental Protection Agency ...

Gathering metrics to measure the effectiveness of an enterprise security strategy can be a difficult and somewhat imprecise task, but that’s no excuse for not trying, said IT managers at RSA ...