The National Defense Authorization Act for Fiscal Year 2017 (2017 NDAA) requires the Department of Homeland Security (DHS) to develop an annual report containing 43 specific metrics to measure the ...

For years, organizations have relied on traditional security metrics to measure their risk posture. Service-level agreements (SLAs), issue closure rates, and compliance checklists dominate dashboards, ...

One of the most difficult aspects of managing risk in information assurance (IA) is that our statistical information is so poor. We don’t know about security breaches that we have not noticed; we ...

For security professionals, two free risk-management guides out this week provide directions on how to establish corporate security metrics, as well as tips on organizing risk-assessment and ...

The other day, I learned a great lesson about security metrics while getting a haircut. Initially, this may sound like a bit of an odd statement, but I promise it will make sense in the end. The woman ...

The Center for Internet Security and the Open Group’s security division have each published comprehensive risk-management guides, the first defining a basis for security metrics and the second a ...

SAN FRANCISCO--(BUSINESS WIRE)--Horizon3.ai, a global leader in autonomous security solutions, today announced the launch of NodeZero Insights™. Designed for security leaders, CIOs, CISOs and ...

In 2023, the cybersecurity challenges in the Operational Technology (OT) and Industrial Control Systems (ICS) landscape reached unprecedented levels. Ransomware, increasingly prevalent through new ...

The Government Accountability Office (GAO) has released a report indicating that the implementation of the Federal Information Security Modernization Act of 2014 (FISMA) by federal agencies remains ...

How do we manage what we can’t measure? One of the cornerstones of the scientific method is measurability: a focus on defining the ways of counting or measuring aspects of reality that we hope will be ...

Expertise from Forbes Councils members, operated under license. Opinions expressed are those of the author. The chief information security officer (CISO) role has matured significantly over recent ...