Editor’s Note: This is the final installment of a four-part series featuring an in-depth overview of InfoSec’s (Information Security) Unified Security Metrics Program (USM). In this blog entry, we discuss some of the lessons learned during the program’s first year.
Winter weather in the North Atlantic Ocean can be precarious at best. Anyone recall the ill-fated journey of the RMS Titanic? Icebergs pose significant risk because only 10 percent can be seen above the surface, while more than 90 percent remain hidden below. Similarly, metrics and numbers on a chart represent only the tip of an iceberg. Rich, meaningful, and actionable data exists below the surface and, when leveraged successfully, can drive great results and outcomes. During the past year, the USM program has embarked on some new, uncharted waters. The journey hasn’t always been easy, but we’ve learned some valuable lessons along the way.