Panaseer, the first Continuous Controls Monitoring (CCM) platform for enterprise security, announces guidance on best practice cybersecurity measurements to help avoid incidents. Currently, there is limited industry guidance around the most important metrics to evaluate, and how to standardise calculations and policies as part of a high-quality security metrics programme. With the right metrics organisations improve visibility into and raise their security posture, helping to limit exposure to successful attacks, such as ransomware, or vulnerabilities including FireEye or SolarWinds.
Recommendedย ITechย News: ย Kinetic Business Introduces Distributed Denial of Service (DDoS) Mitigation Service to Help Customers Protect
Among highly regulated, global organisations, Panaseer has determined that the top ten most frequently used security metrics are (in order of popularity):
- Vulnerability remediation SLA compliance
- Endpoint detection SLA compliance
- Vulnerability scan coverage
- CMDB inventory completeness coverage
- Endpoint detection coverage
- Vulnerability outlier analysis
- Active Directory enrolment coverage
- Application security scan coverage
- Application security SLA compliance
- Active employee leavers
Panaseer’sย CCM platformย includes these andย hundreds ofย otherย best practice security metricsย viaย its newย in-platformย Securityย Metricsย Catalogue.ย In addition toย Panaseer’sย expertise,ย theย Securityย Metricsย Catalogue hasย been curated from a wide community of customers,ย industry experts,ย frameworkย organisationsย such asย NIST and inย collaboration withย theย Centerย for Internet Securityย (CIS).ย The proposition alsoย providesย recommendationsย toย enable security teams toย instantlyย improve their security metrics programmeย overallย via metric groupings that include aย ‘getting started’ย collection,ย aย peer-based recommendationย collection,ย aย customer favourites collection,ย andย accessย toย newly emergingย metric suggestions.
Recommendedย ITechย News: ย Aiden Technologies Secures $2.9 Million in Funding to Empower Organizations with Automated Endpoint Management Solution
The company is also sharing best practices with the broader industry, through a new free resource, in a ‘Securityย Metrics Hub.’ It includes advice and educational security measurement material aimed to help enterprises overcome the challenge of determining the most impactful metrics for their programme.
CCM is fast becoming a required capability for regulated enterprises. The technology is solving one of the biggest challenges in cybersecurity today โ enterprises do not know if their security controls are providing full protection at any given moment. Last year CCM was included as a new category in Gartner’s Risk Management Hype Cycle.
Andrew Jaquith, industry veteran, CISO of QOMPLX Inc, and author of Security Metrics: Replacing Fear, Uncertainty, and Doubt, comments: “As W. Edwards Deming put it, ‘In God we trust. All others bring data.’ Organizations need trustworthy data to show that their cybersecurity programs are keeping them safe and reducing risk effectively. Panaseer’s Metrics Catalogue gives customers new options for using and sharing common cyber metrics, enabling better collaboration and elevating the state of practice.”
Recommendedย ITechย News: ย ECS / My IT Acquires Network Technologies
Mikeย MacIntyre, VP Product,ย Panaseer, adds:ย “The only way to prevent aย cyber-attackย from succeeding is to have the proper cyberย controlsย in place.ย However, cybersecurity control failuresย haveย topped the list of executive concerns, according toย a recent reportย fromย Gartner, Inc.ย on emerging risks.ย This problem is fuelled by a lack of industry standards in the metrics that organisations should measure and monitor to best protect themselves.ย We areย solvingย this industry issueย byย providingย a blueprint of best-practice metrics, which are availableย in-platformย forย our customers, supportedย with valuable information on our website that’s free for all.”
Recommendedย ITechย News: ย Announcing the Launch of โThe Development Den Northwest, Inc.โ
