Explore key concepts in cybersecurity metrics and decision-making in this 30-minute conference talk from BSides Philly 2016. Delve into topics such as information overload, big data challenges, and the importance of effective planning. Learn about frameworks for inventory management and data classification, and discover how to build useful dashboards for better decision-making. Gain insights on endpoint protection, remediation timelines, and practical approaches to security management. Understand why size doesn't always matter in security metrics and how to focus on creating value through strategic security initiatives.
Overview
Syllabus
Intro
Disclaimer
About Jim
Agenda
King of Prussia Mall
SnowCo
Endpoint Protection Program
What was the problem
Information overload
Big data
Size
Size doesnt matter
Put a plan together
Dont reinvent the wheel
Frameworks
Inventory
Data Classification
Four Letter Security
Application Inventory
Classification
Use Cases
Executing
Verify
Value
Service Example
Making Better Decisions
Building a Dashboard
How long has it taken
Endpoint protection
Time to remediate
When to start
Questions
