
Security Metrics and Operational Blindness, Part 2: Four Steps to Begin to Fix It
- On May 6, 2016
- In Blogs
- By Chris Howell
- 0 Comments
Companies need to focus on the entire operational system, inclusive of people, processes, and technology. For example, if someone in your SOC identifies a problem, opens a ticket, performs an action, and closes a ticket–have they taken the right steps and improved the security of your organization? You need to take action by collecting and monitoring real security operations metrics to discover if this is happening in your SOC.
Here are four steps to begin to improve your security, understand the value of your investment, provide your CISO with a trusted advisor, and move towards a safer environment:
1. Have a third-party perform a baseline evaluation of security operations, focused on your people, processes, and technology. Be open to criticism and change.
2. Understand where your security operations capability falls, regarding the current level of maturity and your future security goals.
3. Set your security goals, continue to measure them, and chart your course toward a more mature environment.
4. Don’t simply bolt on security parts and expect a more secure organization.
Reaching your security goals begins with knowing where you are and knowing where you want to be. Metrics allow you to see measurable progress and change course, as needed.
To learn more about Cloudburst Security and how we can help cure your operational blindness, email us at: info@cloudburstsecurity.com