Home » Magazine Archives » February 2008
Security Technology Executive
Most Read
Most Emailed
E-mail Article
Print Article
Metrics for Success
Demonstrate security’s alignment with business objectivesThe Latest from SIW
Security prepares for largest presidential inauguration The security week that was: 11/21/08 Sources: Napolitano likely to be named DHS secretary TSA's 'behavior detection' draws scrutiny in light of few arrests Survey: National security a bigger issue prior to economic crisis Eye on Video: Specialized intelligent video applications
The objective: To identify multiple products, services and positive results that the security organization brings to help meet the enterprise’s business goals.
Results Sought: Increased understanding and appreciation by senior management and other key stakeholders of security’s value and contribution to the bottom line.
Risk Management Strategy & Where Is the Data? How effectively are we aligned with the businesses we serve? Several months ago, The Conference Board published a survey of hundreds of business executives that revealed a perceived lack of value of the security functions within their organizations. Security leaders must use multiple data sources and metrics to identify security’s positive impact on the business and its bottom line and present that information to management.
Here are some examples you may be able to identify in your own organization:
• Penetration testing yields data on the effectiveness of safeguards and supports claims of reduced opportunity for attack.
• Pre-contract examination of the risk potential of third-party vendor relationships identifies vulnerabilities to enable favorable contract terms and post-contract inspections, thereby reducing risk and consequence of loss.
• Examination of incident trends and incident postmortems produces metrics that either affirm the effectiveness of internal controls or justify the redirection of resources, yielding improved risk management practices.
