Researchers Call for Measurable Security Objectives

The next big step in security policies should be heavily focusing on ways to quantify completed and ongoing security objectives, says Pete Lindstrom, senior analyst at the Midvale, Utah-based research firm. The purpose of this move would be to both justify spendings and highlight the value yielded by ongoing projects.

This message was presented during the Burton Group Catalyst Conference ‘08 and as SearchSecurity.com noted, Lindstrom is sketching a new model to help security experts measure and articulate security program successes and failures to senior management.

“We need to get objective and quantitative in our environments in order to better manage our programs,” Lindstrom said. “We have to collect ourselves together as a profession and define what it means to meet our security objectives.”

Leave a Reply

Name (required)

Mail (will not be published) (required)

Website

Related Posts from the Past:

• Breach Disclosure Laws are Pointless
• UK SMEs Warned To Improve Security
• CoSoSys to Protect VIPdesk's Critical Data Housed on Removable Storage Devices
• New Easier Way to Encrypt Large Amounts of Data
• Sensitive Data of Healthcare and Airline Companies found in Argentina and Malaysia