The AppSec Management Podcast

The science of security metrics


"If you can't measure it, you can't improve it." It is hard to argue with that. But here is the catch: what are we measuring, and what are we improving?

Measuring the right things right is not rocket science, but it is a science. Common sense might get you so far, but in my experience common sense is failing us. Organizations focus on metrics that are readily produced by tooling, but these turn out to be vanity metrics with little or no correlation to actual security.

In this episode, I will unpack the key facts on the science of metrics. I will give you a framework that can help you figure out what you are trying to improve and how to measure it. Once you've selected your metrics, I'll help you understand the key qualities that make a metric useful or completely useless.


The AppSec Management Podcast, by Dag Flachet