Why are cybersecurity KPIs important for enterprises to determine?

A presentation at RSA Conference 2016 discussed key performance indicators for cybersecurity. How do you determine… KPIs for security? Why is it important to do so?

Key performance indicators, or KPIs, are quantifiable measurements agreed to ahead of time by an organization to determine whether it is achieving its goals. KPIs may change as the organization grows or when the goals have been achieved. Cybersecurity KPIs can be short- and long-term goals that allow an organization to measure the effectiveness of its operation.

Service-level agreements may be a KPI for security, but there are other cybersecurity KPIs that should also be considered, such as staff retention and increase in customer satisfaction surveys. It is important to focus on KPIs that matter to your organization and business culture.

Companies use cybersecurity KPIs because they are measurable: it is easy to determine whether the cybersecurity group meets or exceeds expectations. Cybersecurity KPIs can be determined based on:

  • Staff actions — meeting SLAs in user provisioning, access request forms, remediation follow-up, daily periodic security monitoring results;
  • System or technology events — cybersecurity embedded into new technology or system tools and services, reduction in cybersecurity false positives;
  • Internal processes — staff retention, increase in customer satisfaction, state of security executive management reports, compliance audits; and
  • External events — breaches, attack detection and prevention.

So why measure cybersecurity with KPIs? There are several reasons, including:

  1. To demonstrate improvement in each of the four areas to measure;
  2. To justify the need for additional resources, whether they’re staff, tools or services;
  3. To identify trends that indicate changes in the cybersecurity program or processes; and
  4. To provide executive management with assurance on cybersecurity or to indicate the need for focus in troubled areas.

Without KPIs, measuring cybersecurity performance is subjective and qualitative in nature. That may be acceptable in some organizations, but quantitative measures are more difficult to dispute.
