El Diario del CISO (The CISO Journal) Edición 18 - Page 5

"When performance is measured, performance improves. When performance is measured and reported back, the rate of improvement accelerates." - Thomas S. Monson Key Performance Indicators (KPIs) are fundamental to determining success in business. There are many industries and functions with long established KPIs such as inventory turnover or gross profit margin as a percentage of sales. Performance measures in the cybersecurity field, being a newer discipline, does not have the same level of interest in the way that EBITDA does. So how do you measure success in cybersecurity? After all, if you can't measure it, you can't manage it. Are you looking for Indicators of Comprise (IOC) or Indicators of Attack (IOA)? Are you concerned about compliance with a certain standard such as SOX, NIST, or GDPR? The purpose of my article is to identify three goals to track cybersecurity successes and suggest some measures you can use to determine success. The complete article is here Fred O'connor Now that security leaders have been invited into the boardroom, what do they say? Information security is a now a board-level topic. The Securities and Exchange Commission made that point in February when it released guidance on how public companies should prepare to disclose breaches and other security incidents. Companies are expected to share information in quarterly and annual financial reports on how they’re managing cyber risks. In addition to details on how companies are gauging the severeness of security gaps and incidents, companies need to disclose how senior leaders and the board communicate about cybersecurity. The complete article is here Pete Herzog Where Do Cybersecurity Professionals Come From? When a momma cybersecurity professional and a papa cybersecurity professional love each other very much they hug each other in a special way to help each other make little cybersecurity professionals. If only it were so easy we wouldn’t have nearly 2.2 million unfilled cybersecurity jobs on the horizon. We wouldn’t have millions of kids struggling with online and social media addictions on one end of the spectrum and kids with no access to the Internet on the other. So while the straight answer is, we make them, the less straight answer is how.