This briefing is based on the findings of a cross-sector task force of CISOs and staff who shared their challenges and best practices for developing and using security metrics to drive decisions within their organizations. Topics discussed include: (1) defining security metrics; (2) identifying criteria for an effective security metric; (3) adopting a metrics framework; (4) methods for metrics reporting and decision-making; (5) guidance for initiating a metrics program; (6) strategies for expanding the program; and (7) tools members use to collect and report metrics.
Supporting tools that will be shown during the briefing including the Security Metrics Selection Compendium, which includes a self-assessment for assessing controls maturity and selecting metrics, Top 20 “must measure” metrics, and links to references that contain supporting metrics.
Upon completion of this webinar, the attendee/student will be able to understand challenges and best practices for developing security metrics. The attendee/student will be able to identify criteria for an effective security metric. The attendee/student will be able to adopt a metrics framework. The attendee/student will be able to utilize methods for metrics reporting and decision-making.
Arlan McMillan, CISO, Kirkland & Ellis LLP
Arlan McMillan is the Chief Security Officer (CSO) for Kirkland & Ellis LLP. Kirkland is an international law firm that serves a broad range of clients around the world in private equity, M&A and other corporate transactions, litigation, white collar and government disputes, restructurings and intellectual property matters.
Mark Brashear, Security Operations Manager, Illinois Tool Works
Solutions-driven, people-oriented IT executive with more than 15 years of successful, progressive, and diverse experience. In the field of information technology, I have proven myself to be a serious performer in the financial services and manufacturing sectors.
Scott Schmuhl, CISO, Merrick Bank
Transforming customer experience and business operations through improved processes, technology, and security. Even more passionate about enabling the transformation of people as they grow in their careers and life. Path-finding, aligning, empowering, and serving people to do the right things, and do things right.
Alexandra Zafra, CISO, Intercept Pharmaceuticals
Executive leader in Cybersecurity, Information Security, Risk Management, Governance, and Compliance. Proven success managing security and compliance risk assisting organizations in designing, implementing and managing cyber programs that are right-sized to the organization’s risk appetitive, culture, cost structure and regulatory requirements.
Who Can Attend:
Open to anyone.
CISOs, Security Leaders, Executives