by David Mortman on October 19, 2009
Josh Corman had an awesome post over on Fudsec on Friday. It’s so awesomely appropriate to this blog that I’m sharing it with you. My only complaint is that I wish that I had written it instead. Go read it right now.
Great post, Josh, and very good discussion from wgragido, ean, and gorrie.
Regarding what InfoSec people and CISOs should do differently to evolve/change/adapt more effectively, we could start by including some “meta-metrics” for organization learning, agility, etc.
I gave a presentation at Metricon a few years ago on this topic: “Security Meta Metrics – Measuring Agility, Learning, and Unintended Consequences” http://meritology.com/resources/Security%20Meta%20Metrics.ppt . It includes some specific ideas for such metrics, but really almost any metric will be better than the willful ignorance that most security organizations have today about continuous learning.
by Russell on October 20, 2009 at 12:19 am.