Metrics needn’t be meddlesome (alliteration!), as long as you’re measuring something. Focus on the metrics that make the most impact instead of trying to do it all. Regardless of your maturity level, you can still implement a metrics program. It comes down to value over quantity. Mix straightforward metrics like the overall reduction of incidents with business-focused metrics around costs saved and time reduced in responding to incidents. As part of this track, participants will understand the specific metrics that best suit their organization based on the organization’s risk tolerance, compliance requirements and org culture, and identify best practices to keep the program consistent.
Jessica Ireland has been an analyst with Info-Tech since 2011. She is a graduate of the Master of Arts in Journalism program at the University of Western Ontario, and also holds an Honours Specialization Bachelor of Arts in Political Science. She has delivered multiple client workshops on topics such as risk management, identity security services and PCI-DSS. During her time at Info-Tech, Ireland has become a resident subject matter expert in IT security and has been instrumental in creating the content for many security project blueprints on topics such as network security roadmaps, incident management, security policies, security information and event management, and more.