7 Things You Should Know About Information Security Metrics
- Published:
- Briefs, Case Studies, Papers, Reports
- Author(s) and Contributors:
-
Contributions by: Shirley Payne Steve Vieira Vieira
- Source(s) and Collection(s):
-
Sources(s): EDUCAUSE Publications Collection(s): EDUCAUSE 7 Things You Should Know
- ParentTopics:
Abstract
An information security metric is an ongoing collection of measurements to assess security performance, based on data collected from various sources. Information security metrics measure a security program’s implementation, effectiveness, and impact, enabling the assessment of security programs and justifying improvements to those programs. Effective metrics can bring visibility and awareness to the underlying issue of information security and highlight effective efforts through benchmarking, evaluation, and assessment of quantified data. This can put institutions in a proactive stance regarding information security and demonstrate support for leadership’s priorities.