Security Metrics
Why Only Phishing Simulations Are Not Enough
In the world of cybersecurity awareness, phishing simulations have long been touted as the frontline defense against cyber threats. However, while they are instrumental, relying solely on these simulations can leave significant ...
How to SLO Your SOC Right? More SRE Wisdom for Your SOC!
As we discussed in “Achieving Autonomic Security Operations: Reducing toil” (or it’s early version “Kill SOC Toil, Do SOC Eng”) and “Stealing More SRE Ideas for Your SOC”, your Security Operations Center ...
Removing the Fantasy of Cybersecurity Metrics with Tripwire Connect
One of the most daunting problems in cybersecurity has always been security metrics. In business, practically nothing matters in the absence of the ability to measure actionable results. Profit and loss are the drivers ...
Cybersecurity Risk’s “New Math”
Mary K. Pratt posted an article, “The new math of cybersecurity value,” on CSOonline on September 21, 2021, available at The new math of cybersecurity value | CSO Online It is a ...
Cybersecurity Lessons from the Pandemic: CDC Model and FS/ISAC
It is very ironic to see that, on August 18, 2021, the CDC (Centers for Disease Control and Prevention) announced the formation of a Center for Forecasting and Outbreak Analysis, see CDC ...
CISO Stories Podcast: No Insider Cybersecurity Risk? Guess Again!
We want to trust our employees and contractors working within our organizations. For the most part, people are doing their jobs with integrity every day. What happens when an employee decides to ...
CISO Stories Podcast: Stop Reporting Useless Security Metrics!
All disciplines need to be able to demonstrate added value and track the ability to improve upon current practices. The board, technical management, auditors, and engineers may each need a different view ...
Two Security Metrics that Speak to Your Stakeholders
Cybersecurity awareness extends beyond IT, and to be effective you need the ability to communicate about your security posture in a language everyone can understand – from c-suite to CISO. Frontline.Cloud™ vulnerability ...
Dashboards: An Effective Cybersecurity Tool
Data is only as good as what you are able to do with it. Not only does the cybersecurity universe collect data, but individual enterprises also collect cybersecurity data from within their ...
Cybersecurity Lessons from the Pandemic: Models and Predictions
There are a number of different types of models—and the output from each must be viewed and used differently depending on the form of the model. First, you have relationships derived from ...
