El Diario del CISO (The CISO Journal) Edición 18 | Page 5

"When performance is measured, performance improves. When
performance is measured and reported back, the rate of
improvement accelerates." - Thomas S. Monson
Key Performance Indicators (KPIs) are fundamental to determining
success in business. There are many industries and functions with
long established KPIs such as inventory turnover or gross profit
margin as a percentage of sales. Performance measures in the
cybersecurity field, being a newer discipline, does not have the
same level of interest in the way that EBITDA does. So how do you
measure success in cybersecurity? After all, if you can't measure it,
you can't manage it. Are you looking for Indicators of Comprise
(IOC) or Indicators of Attack (IOA)? Are you concerned about
compliance with a certain standard such as SOX, NIST, or GDPR? The
purpose of my article is to identify three goals to track cybersecurity
successes and suggest some measures you can use to determine
success.
The complete article is here
Fred O'connor
Now that security leaders have been invited into the boardroom,
what do they say?
Information security is a now a board-level topic. The Securities and
Exchange Commission made that point in February when it released
guidance on how public companies should prepare to disclose
breaches and other security incidents. Companies are expected to
share information in quarterly and annual financial reports on how
they’re managing cyber risks. In addition to details on how
companies are gauging the severeness of security gaps and
incidents, companies need to disclose how senior leaders and the
board communicate about cybersecurity.
The complete article is here
Pete Herzog
Where Do Cybersecurity Professionals Come From?
When a momma cybersecurity professional and a papa
cybersecurity professional love each other very much they hug each
other in a special way to help each other make little cybersecurity
professionals.
If only it were so easy we wouldn’t have nearly 2.2 million unfilled
cybersecurity jobs on the horizon. We wouldn’t have millions of kids
struggling with online and social media addictions on one end of the
spectrum and kids with no access to the Internet on the other. So
while the straight answer is, we make them, the less straight answer
is
how.