Security operations centers (SOCs) today are inundated with the myriad threats that have proliferated since the shift to remote work, the move to the cloud, and the decentralization of networks. The task of finding, sorting, and combating them all (with limited resources) can be daunting. That’s why many look to technology to help them bear […]
Organizations struggle to identify and contain a breach. According to Security Intelligence, the average dwell time or “lifecycle” of an organization’s breach detection efforts was 280 days in 2020. This period played into the $3.86 million that organizations spent on average in their data breach recovery efforts for that year. Several factors can affect the time […]
One of the greatest challenges in maturing security programs stems from difficulty showing ROI on your security investments and communicating your security posture and effectiveness in a way that makes sense at the board-level. If you start talking about the number of events per second, firewalls blocked, or MTTR, eyes will start to glaze over […]
When you think of threat intelligence, what comes to mind? Collections of IP addresses, hashes, maybe domains? Like many organizations, you may have many intelligence feeds with thousands of these indicators. How do you make sense of it? How do you create actionable decisions based on these? How do you measure the fidelity of your […]
Amid the current economic and operational volatility, the need for properly measuring and communicating risk has increased. Security leaders are finding themselves in the spotlight more now than ever before, faced with questions and concerns about risk and the security of their organization. What new security metrics can be used to demonstrate an organization is […]
Editor’s note: We’ve published a new list of board-ready security metrics for 2022. Imagine the United Nations General Assembly with no translators – and people speaking dozens of different languages. That’s what it can be like when security teams and board members share metrics and data. The communications gap leaves many CISOs struggling to explain […]