Breaking Out of the Security Metrics Matrix: Steps in the Right Direction

Posted on in Presentations

Security professionals struggle to create and customize meaningful metrics. Software companies, governments and frameworks have provided some terms, but are they used efficiently? Join us to discuss how organizations worldwide have mapped metrics to practical security controls, and how they have tracked progress, and provided solid evidence of ROI and value for money.

Learning Objectives:
1: Learn to create and customize meaningful metrics that allow you to reduce exposure time and manage risk.
2: Understand how to map metrics to practical security controls so you can track progress, ROI and more.
3: Learn to more efficiently use security controls to discover indicators of compromise.

Understanding of industry-standard security controls. Experience or knowledge of managing a security operations center (SOC) would be helpful. An interest in policy-based decisions, over and above tactical and technical skills. But, individuals don’t need to be policy wonks. In fact, techies would greatly benefit from this discussion, as it will give them a perspective on how to use technical tools more efficiently. This includes getting more funding, and obtaining the ability to credibly discuss the value of their activities to the business.

James Stanger


Chief Technology Evangelist, CompTIA

Tim Crothers


Vice President of Security, Target

Security Strategy & Architecture

threat management security analytics practitioner perspectives policy management metrics



Share With Your Community