CHICAGO Metrics®
  • Home
  • Memberships/Services
    • Membership Comparison
    • Consulting (vCIO/vCISO)
    • Packages
  • Program
    • Program Details
    • VRAP Details
    • Pledge 1%
    • Sample Board Report
  • About
    • About Us
    • Careers
    • Members
    • Partners
    • Twitter Feed
    • Contact
  • Get Support
    • Support
    • FAQs
    • License
  • Blog
  • Personal
    • Personal - Program Details
    • Personal Packages Comparison
    • Packages
  • LOGIN/REGISTER
    • Metrics Login and Registration
    • Personal (Resume) Login
    • GMIS Accreditation Login

BLOG

Answering, "Are We Secure?"

5/3/2018

0 Comments

 
The NACD posted these questions to ask your security team:
1. Does the security team have a full, well-informed view of the organization’s security posture?
2. Is our organization resilient to attack?
3. Is the security team confident it can detect and respond quickly to security incidents?
4. How do you measure the effectiveness of our cybersecurity program and initiatives?
5. Do political or financial considerations impact your ability to protect the organization effectively?
Here is the CHICAGO Metrics™ response:
1. Yes, we know the overall CHICAGO Score™ and the average Risk and Effort ratings to drive decisions and prioritization.
2. We have advised the Board based on Risk and Effort and are at or working towards the risk posture tolerated.
3. We tactically measure multiple points to include incident response. These aggregate into the Character, Availability, Confidentiality, Integrity, and GOld scores. We actively manage to these.
4. We have 142 tactical metrics, for conversations with engineers, and aggregate them into 6 key business/risk indicators, for conversations with executives, complete with an overall CHICAGO Score™. It provides Risk and Effort indicators to provide prioritization direction. This ties into the CHICAGO Maturity Model which gives a definitive quantitative scoring model to determine your organization's maturity level.
5. We publish and manage to our Risk (Likelihood*Impact) and Effort (Time*People*Money) scores. This allows us to quantitatively provide the executive team the information they need to make an informed decision. These can also be tied to the 6 key CHICAGO Metrics™ and how they relate to each C-Suite executive. - Think: "Speak their language."

0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    Archives

    July 2019
    October 2018
    May 2018
    July 2016
    May 2016
    April 2016

    Categories

    All

    RSS Feed

    View my profile on LinkedIn

Company

Home
​
Pledge 1%
Team


Memberships & Services

Memberships
Consulting (vCIO/vCISO)
​
Packages
Program

About

About
Contact

Partners

Support

Support
FAQs

License

© COPYRIGHT 2015. ALL RIGHTS RESERVED.
Photo used under Creative Commons from WebGregor
  • Home
  • Memberships/Services
    • Membership Comparison
    • Consulting (vCIO/vCISO)
    • Packages
  • Program
    • Program Details
    • VRAP Details
    • Pledge 1%
    • Sample Board Report
  • About
    • About Us
    • Careers
    • Members
    • Partners
    • Twitter Feed
    • Contact
  • Get Support
    • Support
    • FAQs
    • License
  • Blog
  • Personal
    • Personal - Program Details
    • Personal Packages Comparison
    • Packages
  • LOGIN/REGISTER
    • Metrics Login and Registration
    • Personal (Resume) Login
    • GMIS Accreditation Login