Practical Information Security Metrics

Presented at ShmooCon 2022 Rescheduled, March 24, 2022, 4:30 p.m. (30 minutes).

If you’ve been asked to quantify the business value of your information security programs, measure risk (or risk reduction), measure the maturity of your information security program and/or provide metrics to document the progress, but don’t know where to begin, this briefing will provide specific, actionable details on how you can get started with an information security metrics program.

Presenters:

• Robert Weiss (pwcrack)
  Robert Weiss (@pwcrack) has over 20 years of experience in information security. He is the Head of Information Security for OpenVPN, the Senior Def Con Speaker Operations Goon, and a Member of NoVaHackers and Unallocated Space.

Similar Presentations:

• BSidesLV 2017 / How to make metrics and influence people
• BSidesLV 2015 / Who Watches the Watchers? Metrics for Security Strategy
• Blue Team Con 2022 / Building Better Security Metrics