New Security Measurement Index Designed to Show How Your Info Security Efforts Compare with Your Peers
May 2016 by
How well are you able to measure your cyber security efforts compared to those of your colleagues? That’s the question a new organization of security professionals hopes to answer through a collaborative website at www.securityBTN.org. Comprised of forward-thinking IT security professionals and businesses, Security by the Numbers has introduced its first benchmark survey called the Security Measurement Index (SMI). As a free online survey, the SMI allows participants to track and define how well one’s organization is measuring the effectiveness of its IT security---and compare their answers with other survey participants.
Information security professionals can take the free survey in about 15 minutes by visiting www.securitybtin.org/survey. Participants get an immediate grade (A through F) upon completing the survey, along with a follow up email that includes a report on how their answers compared with their colleagues who have taken the survey.
Based on ISO 27000 international standards and input from an advisory board of security professionals, the Security Measurement Index provides:
• An easy to understand benchmarking tool for judging how your organization’s security measurement practices compare to those at other companies
• A global assessment of IT security measurements from a business management perspective
• A basis for developing security measurement best practices to help make cyber security more effective and efficient.
“By participating in the survey, members are offered a simple benchmarking tool for assessing how their organization’s security measurement practices compare to those at other companies,” said Mark Carney, Advisory Council Member at Security by the Numbers and CISO at FireMon. “With this survey, Security by the Numbers hopes to encourage the adoption of security management industry frameworks and in turn generate meaningful metrics back to the international security community.” In addition to its SMI survey, the Security by the Numbers website provides an online resource that helps promote the use of better metrics to improve the performance and best practices of information security in enterprises worldwide. In the coming year, Security by the Numbers intends to enlist security professionals in discussions that cut through the clutter of messages around cyber security to clearly see professional priorities, and to measure company practices in comparison to peers.
“There’s a lot of complicated advice around measures for IT security,” said Steve Kahan, president at Security by the Numbers and CMO of Thycotic. “Security by The Numbers is a collaborative online forum for simple, practical, real-world metrics on what companies are actually doing to measure IT security. With Security by the Numbers, companies can now get a reality check with accurate benchmarks to see how their practices measure up against their peers.” Security by The Numbers’ mission is to establish and promote IT security metrics, standards and practices that empower IT security professionals to identify and execute the most impactful strategies for protecting their organizations from cyber-attacks before they strike vital systems and compromise sensitive data. Security by the Numbers offers member benefits and services that include:
• Global Research and Comparative Benchmarks: to identify the latest metrics and help IT security professionals understand where they stand vs. their peers
• Education and Best Practice Reports: to help IT Security Professionals advance their careers by understanding latest IT security measurements as well as playbooks for improvement
• Collaboration: Peer networking tools; forums, teleconferences and online meetings and more