security metrics

Mark Brown is the Director of Information Security at EY. In this interview he offers guidance for CISOs, discusses the technical competence of company leaders, tackles …

A new Ponemon Institute study examined the key risk-based security metrics IT security managers used most frequently to gauge the effectiveness of their organizations’ …

Many organizations believe that IT, and by association IT security, is a wasted expense. They recognize that the financial investment needs to be made but few truly understand …

Tripwire announced the results of research on the state of risk-based security management with the Ponemon Institute. Key findings include: 75% of respondents say metrics are …

Learn how to communicate the value of an information security program, enable investment planning and decision making, and drive necessary change to improve the security of …

Microsoft’s Internet Explorer does a better job protecting systems from attackers who already have gained some degree of access than Mozilla’s Firefox, and …

The majority of organizations fail to adhere to simple data protection standards and, in many cases, are fully unaware of what security practices are currently in place, …

Invictis launched its Risk Score service (IRS), a comparative risk benchmarking service which generates a security profile of the enterprise. Offered in three incremental …

The Information Security & Business Continuity Academy launched its free Return on Security Investment (ROSI) calculator (registration required). This calculator provides …

The EU’s cyber security agency, ENISA, has issued its final report on the first Pan-European cyber security exercise for public bodies, Cyber Europe 2010. The report …

The Center for Internet Security (CIS) announced an updated release of its CIS Metrics, the industry’s first consensus metrics for information security. The release …