Metrics That Don't Suck: A New Way To Measure Security Effectiveness

Metrics That Don’t Suck: A New Way To Measure Security Effectiveness (Dr. Mike Lloyd) How does your organization measure and report its security posture and performance? Do you have spreadsheets that show how many vulnerabilities you found last month, or how many viruses your AV system stopped? Those numbers might pacify your management, but any security pro can tell you that they are no way to benchmark the real work you do – or how much danger your enterprise might be in.