OutThink is recognised by Gartner as a representative vendor innovating in the security awareness and human risk management space.
READ THE FULL RESEARCH – Four Steps to Develop Outcome-Driven Metrics for Cybersecurity
Outcome-Driven metrics provide a line of sight from investments in cybersecurity to measurable outcomes. It’s easy to throw money at the problem, but there’s a real danger that more spend doesn’t move the needle on real Cyber posture. Using ODMs is a great way to ensure maximum value.
Included in Full Research:
- How to define protection level agreements (PLAs) and outcomes for real impact on security posture.
- Maturity level metrics depend on subjective assessments of specific practices. Better than nothing, it’s hard to use these to articulate a precise business case.
- Backward-looking metrics, like clicks on phishing links, do not help measure future risk. Correlating these with behavioral analytics can make them predictive.
- According to a study by the National Institute of Standards and Technology (NIST) in the US, 73% of audit metrics are limited to just existence of controls which only predict the existence of a tool or a process.
Metrics around employee engagement with SAT content can be a useful predictor of future behavior change towards secure practices.
Human Risk Intelligence (HRI) can provide a rich source of metrics about the state of cyber-readiness at the individual, department and group levels, with the ability to inject these metrics into the implementation of security controls. HRI metrics can also help tailor training at the individual level to make the content 100% relevant, and hence incredibly engaging.
If you’d like to learn more about how OutThink can help your organization consistently achieve high engagement and improve knowledge retention through tailored training, get in touch.
Download – Four Steps to Develop Outcome-Driven Metrics for Cybersecurity
"*" indicates required fields
