Securing sensitive data is an ongoing business commitment that requires attentive resources and the support of senior management. Measuring security effectiveness can be a tricky business. Implementing solutions that thoroughly monitor networks is one way to stay informed about whats happening on your infrastructure, while keeping skilled resources free to focus on more strategic security processes.
Even so, the application of independent metrics is in its infancy, and rolling up compliance, security and risk into an easily digestible format for senior stakeholders has been a consistent challenge. But it is a challenge that organisations cannot afford to ignore. If IT departments dont begin educating the employees in charge about the need for constant refinement of security processes, the benefits of any compliance mandate as a baseline for good security practice will go to waste.
Sign up for Computerworld eNewsletters.