(This is the second installment in a two-part series on the benefits of leveraging unified security metrics to improve responsiveness and reduce vulnerabilities across the enterprise. The first installment, on the metrics themselves, can be read here.)
Security risk represents uncertainty, and potentially even danger. Neither of these is good for an organization’s overall health. Over the past year, the Infosec Team in Cisco’s Threat Response, Intelligence and Development group launched a Unified Security Metrics (USM) program as a way to make sense of volumes of network data and reduce security risk. Even at this relatively early stage, we have identified four clear indicators that the USM program is doing the right things to improve Cisco’s security posture across the organization. These indicators are applicable to anyone undertaking a security metrics journey.