To access the remainder of this piece of premium content, complete the form below. Already have an account? Login
Register in seconds by connecting with your preferred Social Network.
The use of metrics and analysis (MA) is a sophisticated practice in security management that takes advantage of data to produce usable, objective information and insights that guide decisions. In addition, MA provides chief security officers (CSOs) with clear evidence of their operations’ value, expressed in the language of top management. This paper synthesizes the current MA literature in the security management field. It describes the use of metrics and analysis to improve decision making, strengthen security operations and gain support for the security and risk management operation. It then describes the process of developing specific metrics, collecting and managing data and performing useful analyses with security risk-focused software.