Overview
Explore the critical role of security metrics in safeguarding digital assets in this 25-minute conference talk by Caroline Wong, Chief Strategy Officer at Cobalt. Delve into the evolution of cybersecurity measures, learn why effective metrics focus on overall program performance rather than just numbers, and understand the importance of establishing a framework for monitoring in today's rapidly changing threat landscape. Gain insights on balancing security investments with other organizational priorities, and discover how security metrics can provide quantifiable and qualitative insights to justify additional resources. Benefit from Wong's extensive experience in information security, including her work at eBay, Zynga, and Symantec, as she shares practical strategies for implementing security metrics within organizations.
Syllabus
Intro
Agenda
Carolines Background
eBay Example
Security Metrics Book
BSIM Assessment
Why Security Metrics Are So Hard
Cybersecurity is not impossibly complex
Four basic building blocks
Business metrics
Risk management objectives
Expansion objectives
Five minutes
Equifax breach
State of Pen testing
Ptas Platform
Free LinkedIn Course
Outro
Taught by
OWASP Foundation