Metrics and Budgets

Metrics and Budgets news, information, and how-to advice

negotiating contracts ts
3D collage of financial money charts and icons

1 measure roi

10 ways CSOs can achieve ROI on a network solution

Setting up and protecting the network infrastructure is a major challenge and needs to be even more sophisticated and dynamic than ever before. Here are 10 points that need to be considered to achieve ROI and deliver payback

burlap money bag

Enterprises misaligning security budget, priorities

Those on staff who are doing the budgeting might blindly write the same amount into the security line every year. Or the C-suite might handcuff the security personnel with a tight budget that doesn’t allow for expansion into new...

Healthcare firms plan to increase security spending

After several high-profile breaches over the past couple of years, the healthcare industry plans to increase its spending on IT security more than other sectors.

money

RSAC 2017: The end of easy cash bounties

Industry evolution eliminates chances of bug hunters to get easy cash for trivial vulnerabilities.

student books with apple for teacher

Compliance focus, too much security expertise hurts awareness programs

Security awareness teams aren't getting the support they need to be successful, according to the SANS Institute. But some unexpected factors can cause programs to fail as well, including a focus on compliance -- and too much security...

measurements

Promoting efficiencies through security metrics

Creating metrics for a security program can be a challenge for many organizations. Troy Leach, CTO of Payment Card Industry Security Standards Council, discusses best practices for creating meaningful security metrics.

stretched money budget

How to get more from your security budget

Here’s how to get more from your stretched security budget.

crime scence police tape

2016: A reflection of the year in cybercrime

A look back at 2016 predictions in cyber crime and how it all actually played out.

executive on ladder drawing financial charts and investments

ProofPoint, Rapid7 and CyberArk lead the field of publicly-traded cybersecurity companies

Q3 2016 financial results are in for publicly-traded cybersecurity firms -- and three names outpaced the rest of the market: ProofPoint, Rapid7, and CyberArk.

analytics network monitoring

SIEMs-as-a-service addresses needs of small, midsize enterprises

Traditional security information and event management systems are expensive, require dedicated security staff, and are difficult to set up and manage -- but managed security service providers are stepping in to make SIEMs practical...

Shall we care about zero-day?

Gartner says that 99% of exploited vulnerabilities are publicly known. Does it mean we can ignore zero-days?

business man holding money bag

Yahoo shows that breach impacts can go far beyond remediation expenses

Several studies have come out recently trying to get a handle on the total costs of a data breach, with a large variation in costs - from less than $1 million on average, to $6 million - based on the data sets and types of included...

Cybersecurity: is it really a question of when, not if?

Can you imagine your banker saying “it’s not a question of if I lose your money, but when will I lose your money”?

muddy waters

Navigating the muddy waters of enterprise infosec

Information security finally has executives’ attention, but aligning with business needs is still challenging.

Wearing multiple hats in IT

Security challenge: Wearing multiple hats in IT

Handling both security and IT duties involves a daily balancing act for the resource-constrained IT organizations that must take this approach. But along with the challenges, there can also be benefits.

grade blackboard cminus

Is security making the grade? What IT and business pros really think

When it comes to security, who’s in charge, where do roles and responsibilities overlap, and what are the biggest challenges to aligning infosec and business goals? A joint CSO, CIO, Computerworld survey sheds some light.

classroom training

Is your security awareness training program working?

The metrics to use to determine where to make improvements in security awareness training

phishing

How do you measure success when it comes to stopping Phishing attacks?

What's considered a win when it comes to Phishing? This question was posed to IT workers and non-executive types earlier this month, and everyone had a different opinion on the topic. The general feeling among defenders was that a...

Load More