A key goal of my consultancy is to help you extract meaningful data from within your environment and present it in ways that are genuinely useful. Recently, I had one client describe their existing IT security metrics as ‘coffee table metrics’, meaning they looked pretty but they didn’t really tell him very much. I designed for him was a whole new set of security metrics that enabled him to measure vital aspects of the risk dynamics occurring at critical places within his IT estate. This let him see the extent to which his security controls were or weren't delivering against the threats they faced, and gave him the evidence he needed to resolve shortcomings and problems.
Drawing on my scientific training, I can design security risk metrics that will show you what is really going on within your environment.
Metrics that expose not just how much threat activity you are facing but the extent to which that activity is capable of causing you harm.
Metrics that expose not just how extensively a control has been implemented but its effectiveness at interceding in the progress of the threat and limiting the harm that threat can cause.
Metrics that show how much harm each threat is causing, and where to focus your effort to achieve the greatest effect.
If you would like a set of security risk metrics that tell you how much risk you have and where it is coming from within your IT estate, and provide data that will tell you what you can do about it, then do get in touch. Email me at firstname.lastname@example.org or call 07734 311567 (+44 7734 311567).