Www.clearpointmetrics.com Enterprise Case Studies B Betsy Nichols.
-
Upload
winifred-hodges -
Category
Documents
-
view
214 -
download
0
Transcript of Www.clearpointmetrics.com Enterprise Case Studies B Betsy Nichols.
![Page 1: Www.clearpointmetrics.com Enterprise Case Studies B Betsy Nichols.](https://reader035.fdocuments.net/reader035/viewer/2022072117/56649eab5503460f94bb0c8e/html5/thumbnails/1.jpg)
www.clearpointmetrics.com
Enterprise Case Studies B
Betsy Nichols
![Page 2: Www.clearpointmetrics.com Enterprise Case Studies B Betsy Nichols.](https://reader035.fdocuments.net/reader035/viewer/2022072117/56649eab5503460f94bb0c8e/html5/thumbnails/2.jpg)
2
Is this as prevalent as we fear ?
![Page 3: Www.clearpointmetrics.com Enterprise Case Studies B Betsy Nichols.](https://reader035.fdocuments.net/reader035/viewer/2022072117/56649eab5503460f94bb0c8e/html5/thumbnails/3.jpg)
3
Security Metrics: Leading Indicators for Adoption
Who Just ‘top tier’ companies ? Who is the primary sponsor ? Who generates metrics and scorecards ? Who is the audience ?
Why Drive improvement, justify budget, prioritize investments, Prove compliance, manage risk, security group PR
What What metrics are most useful ? What resources are being allocated to measurement ?
Where Sources of raw data Mechanisms for publication of results
When Daily, weekly, monthly, quarterly ? Other regular reviews that security metrics would be included
How Tools: Excel, Data Mining Products, Report Writers, Point Products People: Formally assigned or ad hoc
![Page 4: Www.clearpointmetrics.com Enterprise Case Studies B Betsy Nichols.](https://reader035.fdocuments.net/reader035/viewer/2022072117/56649eab5503460f94bb0c8e/html5/thumbnails/4.jpg)
4
State of Metrics Adoption in 2006
Companies Surveyed
18%
26%56%
1: Over $100B
2: $50-100B
3: Under $50B
Metrics Maturity vs Market Cap ($B)
0
1
2
3
4
5
0 50 100 150 200 250 300 350 400
Market Cap ($B)
Met
rics
Mat
auri
ty
Maturity based upon: Regularity, repeatability Consistency, trust
Low maturity across the board: (x,y = 0.22)
![Page 5: Www.clearpointmetrics.com Enterprise Case Studies B Betsy Nichols.](https://reader035.fdocuments.net/reader035/viewer/2022072117/56649eab5503460f94bb0c8e/html5/thumbnails/5.jpg)
5
Metrics: 1st Application
32%
36%
32%
0%
Process Effectiveness
Motivation & Awareness
Better Decisions
Compliance
Why and When
Plan Increase in Metrics Investment
0
2
4
6
8
10
12
Data
FinSvc
Health
Insu
ranc
eM
anf
Publis
hing
Retail
Teleco
m
Increase
No Increase
Compliance is not the first application of metrics
Early adopters in financial services
![Page 6: Www.clearpointmetrics.com Enterprise Case Studies B Betsy Nichols.](https://reader035.fdocuments.net/reader035/viewer/2022072117/56649eab5503460f94bb0c8e/html5/thumbnails/6.jpg)
6
Why are Metrics so Hard ?
Vast and unclean data Scattered and uncorrelated Incomplete and inconsistently collected
Lack of consensus on indicators and models Statistics Aggregation
Difficult to package results Mapping to business Multiple audiences Visualization of quantitative data Distribution
![Page 7: Www.clearpointmetrics.com Enterprise Case Studies B Betsy Nichols.](https://reader035.fdocuments.net/reader035/viewer/2022072117/56649eab5503460f94bb0c8e/html5/thumbnails/7.jpg)
7
Metricon 1.0: Enterprise & Case Studies B
John Nye: Leading Indicators for Vulnerabilities Vik Solem: Top 10 Vulnerabilities over Time Jonas Hallberg: Metrics for Networked Info
Systems Andrew Sudbury: Highlights of a Security Metrics
Scorecard Project
![Page 8: Www.clearpointmetrics.com Enterprise Case Studies B Betsy Nichols.](https://reader035.fdocuments.net/reader035/viewer/2022072117/56649eab5503460f94bb0c8e/html5/thumbnails/8.jpg)
8