Panaseer, the first Continuous Controls Monitoring (CCM) platform for enterprise security, announces guidance on best practice cybersecurity measurements to help avoid incidents. Currently, there is limited industry guidance around the most important metrics to evaluate, and how to standardise calculations and policies as part of a high-quality security metrics programme. With the right metrics organisations improve visibility into and raise their security posture, helping to limit exposure to successful attacks, such as ransomware, or vulnerabilities including FireEye or SolarWinds.
Recommended ITech News:  Kinetic Business Introduces Distributed Denial of Service (DDoS) Mitigation Service to Help Customers Protect
Among highly regulated, global organisations, Panaseer has determined that the top ten most frequently used security metrics are (in order of popularity):
- Vulnerability remediation SLA compliance
- Endpoint detection SLA compliance
- Vulnerability scan coverage
- CMDB inventory completeness coverage
- Endpoint detection coverage
- Vulnerability outlier analysis
- Active Directory enrolment coverage
- Application security scan coverage
- Application security SLA compliance
- Active employee leavers
Panaseer’s CCM platform includes these and hundreds of other best practice security metrics via its new in-platform Security Metrics Catalogue. In addition to Panaseer’s expertise, the Security Metrics Catalogue has been curated from a wide community of customers, industry experts, framework organisations such as NIST and in collaboration with the Center for Internet Security (CIS). The proposition also provides recommendations to enable security teams to instantly improve their security metrics programme overall via metric groupings that include a ‘getting started’ collection, a peer-based recommendation collection, a customer favourites collection, and access to newly emerging metric suggestions.
Recommended ITech News:  Aiden Technologies Secures $2.9 Million in Funding to Empower Organizations with Automated Endpoint Management Solution
The company is also sharing best practices with the broader industry, through a new free resource, in a ‘Security Metrics Hub.’ It includes advice and educational security measurement material aimed to help enterprises overcome the challenge of determining the most impactful metrics for their programme.
CCM is fast becoming a required capability for regulated enterprises. The technology is solving one of the biggest challenges in cybersecurity today – enterprises do not know if their security controls are providing full protection at any given moment. Last year CCM was included as a new category in Gartner’s Risk Management Hype Cycle.
Andrew Jaquith, industry veteran, CISO of QOMPLX Inc, and author of Security Metrics: Replacing Fear, Uncertainty, and Doubt, comments: “As W. Edwards Deming put it, ‘In God we trust. All others bring data.’ Organizations need trustworthy data to show that their cybersecurity programs are keeping them safe and reducing risk effectively. Panaseer’s Metrics Catalogue gives customers new options for using and sharing common cyber metrics, enabling better collaboration and elevating the state of practice.”
Recommended ITech News:  ECS / My IT Acquires Network Technologies
Mike MacIntyre, VP Product, Panaseer, adds: “The only way to prevent a cyber-attack from succeeding is to have the proper cyber controls in place. However, cybersecurity control failures have topped the list of executive concerns, according to a recent report from Gartner, Inc. on emerging risks. This problem is fuelled by a lack of industry standards in the metrics that organisations should measure and monitor to best protect themselves. We are solving this industry issue by providing a blueprint of best-practice metrics, which are available in-platform for our customers, supported with valuable information on our website that’s free for all.”
Recommended ITech News:  Announcing the Launch of ‘The Development Den Northwest, Inc.’
