Security Metrics Help CEOs Balance the Cost of Loss Against the Cost of Protection
- Risk–cost awareness provides guidance on how to allocate resources to secure the enterprise infrastructure.
- With risk–cost awareness, it’s possible to communicate security metrics to the CEO or board in terms that enable them to make the necessary financial decisions.
“This is a problem for the industry right now: knowing which key metrics a business should use to make strategic security decisions.”
Enterprise IT environments can have thousands of people trying to do the same thing at the same time. These IT environments are driven by thousands of applications that are continuously built and deployed into the environment. A huge number of metrics are used to measure all this activity. “This is a problem for the industry right now: knowing which key metrics a business should use to make strategic security decisions,” says Daniel Riedel.