Security Basics mailing list archives

Re: Security markers

From: fac51 <fac51 () yahoo com>
Date: Tue, 4 Mar 2008 01:16:56 -0800 (PST)

I am currently putting together the same thing.

The reasons for this are that there are a few key areas of operations (mainly) that need extra resource to provide the 
security that we need as a company; Nothing more than regular careful administration.
So I have made a list of metrics as follows;
        Patches applied within 10days %
        Patches applied within 1 month %
        Anti virus clients up to date %
        Unauthorized changes to borders
I've included a few more one liners on other stuff that we have as an issue. Once you have these figures you will need 
to show which metrics are bad, I've chosen the usual traffic light system.
I've run a few of the admin tools on those systems to output the data to a spreadsheet and then plan to make a couple 
of pie charts, etc.

I'll then send this as a monthly or quarterly report to all the senior IS staff.

This way those small issues will at least have some visibility instead of me having to remind everyone how important 
certain tasks are this report will highlight the issues in the correct way. If the business wants to invest more time 
and effort to improve the metrics, great. If not, at least everyone is informed and knows the risks.

Make sure that the metrics will highlight the most important areas from within your strategy or areas that you know 
need improvement.(or both)

Hope this helps,
Cheers,

S

----- Original Message ----
From: Martin M Samson <martin.samson () videotron ca>
To: security-basics () securityfocus com
Sent: Sunday, March 2, 2008 3:28:47 PM
Subject: Security markers

Hi group!


I'm building a security report for internal use.


What would be the best markers to include in this monthly report to
management?


Right now we don't have any restriction on the number of items we can put in
the report but we would like something concise.

  

Thanks!



Mork.


      ____________________________________________________________________________________
Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ

Current thread:

Security markers Martin M Samson (Mar 03)
- Re: Security markers Shawn A. Corrello (Mar 03)
  - Re: Security markers p1g (Mar 04)
- Re: Security markers p1g (Mar 04)
- Message not available
  - Security markers Nuno Treez (Mar 04)
- <Possible follow-ups>
- Re: Security markers fac51 (Mar 04)