The book includes insights from the following experts:
- Cédric Thevenet, Société Générale, Deputy Group IT Infrastructure CISO and ORM, Metrics Must Show Security Expenditures Provide The Right Level Of Protection >>
- Arnaud Laudwein, Hachette Livre, CISO/CSPO, There’s More To Security Metrics Than Raw Numbers >>
- Aanchal Gupta, Skype, CISO, With Security Metrics, Every Picture Tells A Story >>
- Andrew Green, Aprose Risk, CISO, Focus On Security Metrics That Demonstrate Cyber Resilience >>
- Daryl Flack, Blockphish, CIO, CTO & CISO, Foundational Metrics Help Build A Security Narrative >>
- Shaju Bhaskaran, Ahlibank Qatar, CISO, Metrics And Industry Comparisons Create A Complete Security Picture >>
- Istvan Rabai, Signalhorn Trusted Networks GMbH, CISO, Security Metrics Are About People And Money >>
- Kyle Hastings, One of the Big 4 Consulting Firms, Director, Cyber Risk, Communicating Security Requires Two Vocabularies >>
- Irene Corpuz, Abu Dhabi Government Entity, Section Head – Planning & IT Security, When Reporting Security Initiatives To Management, Keep It Simple >>
- Aaron Weller, PricewaterhouseCoopers, Managing Director, Cybersecurity & Privacy, The Best Security Metrics Are Actionable >>
Using Security Metrics to Drive Action was generously sponsored by Tenable.
As the challenge of securing digital assets grows, the challenge of quantifying an organization’s security posture is also growing. This is due in part to the added layers of protection needed to secure IT infrastructures that have no perimeter, and the sheer quantities of data generated by new security technologies. It is further complicated, especially for global companies, by regional differences in security practices, standards, and regulatory environments.
In order to better understand how security organizations operating in Europe and the Middle East use metrics to describe their security posture, we decided to ask them. With Tenable’s generous support, we posed this question to a number of security experts:
Your CEO calls and asks, “Just how secure are we?” What strategies and metrics do you use to answer that question?
For this eBook we spoke to a global audience, including people from Germany, France, the Middle East, and the UK. In these regions, security practices and regulatory environments are very mature. Yet politics often plays a role in which security frameworks can be used in certain countries. For example, a French company with global operations may use a US standard framework in its European operations, but it must adopt a different framework for its Middle East operations. Also, the risk landscape can vary considerably from one region to another, not only because of the nature of potential threats, but because of the varying costs of regulatory noncompliance.
Any business with operations in EMEA will find value in the perspectives of these EMEA-based security experts.