Find Resources and Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

Subscribe to this discussion

Security incident response metrics

Within my current assignment I faced with a question: What metrics and KPIs could be established to measure performance of the company's CERT? or may be there could be some kind of SLA which is structured by incidents significance? (e.g. service level could be measured by time of first reaction on incident, or time to establish the case, or time to make initial containment of the threat). Please advise what metrics and KPIs you use, or could be used.
You must sign in to rate content.
(Unrated)

Comments

RE: Security incident response metrics

I am also interested to know if you found anything on the metrics and KPIs of the CERT and/or CIRT.
Helly263Energizer at 11/11/2015 2:33:15 AM Quote
You must sign in to rate content.
(Unrated)

RE: Security incident response metrics

Measures specifically for security incident response I've found useful are:

Time to discover an inident
Time to triage and complete initial assessment
Number / percentage of incidents that breach SLA targets
Number of incidents the involve disclosure of personal / sensitive information (data breaches)
Number / percentrage of incidents resulting in service outage



Phil GreenInfluential at 12/23/2015 4:49:34 AM Quote
You must sign in to rate content.
(Unrated)

RE: Security incident response metrics

Measures specifically for security incident response I've found useful are:

Time to discover an inident
Time to triage and complete initial assessment
Number / percentage of incidents that breach SLA targets
Number of incidents the involve disclosure of personal / sensitive information (data breaches)
Number / percentrage of incidents resulting in service outage



Phil GreenInfluential at 12/23/2015 4:49:34 AM Quote
You must sign in to rate content.
(Unrated)

RE: Security incident response metrics

I am also interested to know if you found anything on the metrics and KPIs of the CERT and/or CIRT.
Helly263Energizer at 11/11/2015 2:33:15 AM Quote
You must sign in to rate content.
(Unrated)

RE: Security incident response metrics

I am also interested to know if you found anything on the metrics and KPIs of the CERT and/or CIRT.
Helly263Energizer at 11/11/2015 2:33:15 AM Quote
You must sign in to rate content.
(Unrated)

RE: Security incident response metrics

Measures specifically for security incident response I've found useful are:

Time to discover an inident
Time to triage and complete initial assessment
Number / percentage of incidents that breach SLA targets
Number of incidents the involve disclosure of personal / sensitive information (data breaches)
Number / percentrage of incidents resulting in service outage



Phil GreenInfluential at 12/23/2015 4:49:34 AM Quote
You must sign in to rate content.
(Unrated)

Leave a Comment

* required

You must login to leave a comment.