With increased public awareness of cyber attacks and corporate America’s growing concern over cybersecurity, board members are asking more informed, tougher questions of their security teams. Many teams still focus on reporting activity such as number of hits detected and tickets closed—information that does not accurately reflect the team’s success or help inform investments.
At a recent Gartner Summit, Rich Mahler, Director of Leidos Commercial Cyber Services (formerly Lockheed Martin), discusses why teams need to stop measuring effort and focus on what matters—wins against real threats. One way to do this is by framing metrics in the context of the Cyber Kill Chain®. The framework enables teams to accurately identify which of their existing tools are most effective at detecting and blocking threats and where there are gaps/weaknesses—information that informs cybersecurity investments.