lcamtufs blog: In praise of anarchy: metrics are holding you back

lcamtufs blog: In praise of anarchy: metrics are holding you back.

Michal Zalewski presents two risks of a security metrics program – reduced adaptability and agility.

The frameworks for constructing security metrics often promise to advance one’s adaptability and agility, but that’s very seldom true. These attributes depend entirely on having bright, inquisitive security engineers thriving in a healthy corporate culture. A dysfunctional organization, or a security team with no technical insight, will not be saved by a checklist and a set of indicators; while a healthy team is unlikely to truly benefit from having them.

While I am surely no advocating against security metrics. it is worth noting the risks.

About Cymbel

Specialists in information security. Helping organizations secure their networks and mitigate the risks of modern threats.

Speak Your Mind

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.