security metrics


How I Got Here: Andrew Jaquith

Dennis Fisher talks with Andrew Jaquith of SilverSky about his days running networks in the transportation industry, being there at the birth of @stake during his time at Cambridge Technology Partners, helping to kickstart the security metrics movement and what’s next for him.


How is defending your network and users from sophisticated cyber attacks like fending off a zombie invasion? Funny you should ask! In an interview with Threatpost Editor Paul Roberts, Josh Corman, the Research Director in the Enterprise Security Practice at the 451 Group reprises a 2011 RSA Conference presentation, with security luminary Alex Hutton, “Metrics are Bunk: The Zombie Apocalypse, Baseball, and Security Metrics.”

The March issue of Information Security magazine is out this week. The cover story is a look at how security information management systems need to evolve, in particular by integrating identity management with SIM in order to tie policy violations to user activity. Also, expert Andrew Jaquith writes about how to measure meaningful information security metrics. Finally, editor Marcia Savage takes on the HITECH Act’s impact on HIPAA and how health care organizations must up their security game. Download the issue here [PDF]

WASHINGTON–There has been a big push in recent years in the security community toward metrics, and measurements of all types have become a hot topic in certain corners of the industry. But measurement for measurement’s sake is useless-and perhaps even counterproductive–if the security team in an organization doesn’t define its goals and parameters ahead of time, experts say.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.