SlideShare a Scribd company logo

Summarized version of Key Performance Indicators (KPIs) for Security Operations and Incident Response article

M
MaryamAlHumam

This document discusses key performance indicators (KPIs) for security operations and incident response. It defines KPIs and explains why they are important to measure to assess business goals and make data-driven decisions. The document recommends focusing on a few high-quality KPIs that measure important components like analyst skills, detection success, key risks, and workload. It provides examples of potential KPIs like number of monitored devices and number of security events per location.

Data & Analytics
1 of 10
Download to read offline
King Faisal University School of Business Management Information Systems Department Key Performance Indicators (KPIs) for Security Operations and Incident Response Information System Security Prepared by: Fatemah Alnjm, Maryam Alhumam Instructor: Dr.Abdelnasser Abdelaal Spring - 2019
Table of Contents Key Performance Indicates ( KPIs) …………………. 3 Why Measure KPIs ? ………………………………... 4 Which KPIs Should be Measured? ………………...... 5 How Many KPIs Should be Measured? …………….. 7 Final Thoughts ……………………………………..... 8 Examples about KPIs ……………………………….. 9
Key Performance Indicators (KPIs) • A way of measuring the success or a failure of a business goal, function or objective. • A means of providing actionable information on which decisions can be based. • The goals of business units are clearly defined. Most security operations goals are more focused on positive or negative trends over time than achieving a specific target.
Why Measure (KPIs)? Much of the security operations process focuses around the analysis of data and identification of patterns and trends. This is true of both tactical and strategic functions of security operations – identifying program gaps and making long-term program decisions. This can have a tremendously positive impact on both tactical and strategic functions. The quality of KPIs serve as a security program enabler and driver for continuous improvements. The threat landscape is a dynamic and ever-changing environment. KPIs help ensure that a security operations program continues to remain effective and that any process or technology gaps are addressed appropriately.
Which KPIs Should be Measured? • Determining which KPIs should be measured shouldn’t start with KPIs at all. KPIs should focus on assessing a goal or function and providing actionable information on which decisions can be made. • When choosing KPIs to measure, quality should be valued above quantity.There are many different methods to evaluating the effectiveness of a KPI; for example: S M A R TSimple Measurable Actionable Relevant Time-based
Which KPIs Should be Measured? Cont. • SMART KPIs will be different for each organization; it is simply not possible to create a one size kits all list of KPIs. • Most security operations KPIs should be targeted at assessing at least one of these common components. The six most common components of a successful security operations program are: ü Analyst Skills ü Detection Success ü Key Risks ü Mitigation Success ü Process Success ü Workload
How Many KPIs Should be Measured? • KPIs provide the critical information required to make fact-based decisions.Tracking too many KPIs place decisions makers in a state of information overload. • It vary from one organization to another based on what is right for the program and the organization is far more important than any hard number. • Brainstorming process determine the most effective and efficient drivers of success for the security operations program.
Final Thoughts • There will never be a set of “correct” KPIs to measure. • The key to choosing KPIs which will have a real, actionable impact on the organization’s security program is to ensure that the KPIs are SMART, focus on the six most common components of a successful security operations program, and are used to further the security program..
• Effective KPIs are selected based on the SMART criteria. Here are some examples of KPIs which should be applicable at some level to most organizations. Example Key Performance Indicators (KPIs) KPI Why Do We Care? Possible Measurements Assessment of Number of devices being monitored · How many devices are being monitoring? · Is the number increasing or decreasing? Why? · Number of devices · Number of devices / analyst · Workload Number of events per location ·How many events are received per geographic location, office, etc.? · Are certain locations more prone to security events? Why? · Number of events / department · Number of events / office · Number of events / region · Key risks
Thank you

Recommended

Security and Virtualization in the Data Center
Security and Virtualization in the Data CenterSecurity and Virtualization in the Data Center
Security and Virtualization in the Data CenterCisco Canada
 
24/7 Outsourced NOC Services
24/7 Outsourced NOC Services24/7 Outsourced NOC Services
24/7 Outsourced NOC ServicesFlightcase1
 
Six Steps to SIEM Success
Six Steps to SIEM SuccessSix Steps to SIEM Success
Six Steps to SIEM SuccessAlienVault
 
Stki it staffing ratios 2018 v3
Stki it staffing ratios 2018 v3Stki it staffing ratios 2018 v3
Stki it staffing ratios 2018 v3Inbalraanan
 
VMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld
 
Contact Center Capabilities
Contact Center CapabilitiesContact Center Capabilities
Contact Center Capabilitiesservice007
 
AWS Webcast - Business Continuity in the AWS Cloud
AWS Webcast - Business Continuity in the AWS CloudAWS Webcast - Business Continuity in the AWS Cloud
AWS Webcast - Business Continuity in the AWS CloudAmazon Web Services
 
5. Identity and Access Management
5. Identity and Access Management5. Identity and Access Management
5. Identity and Access ManagementSam Bowne
 

Recommended

Security and Virtualization in the Data Center
Security and Virtualization in the Data CenterSecurity and Virtualization in the Data Center
Security and Virtualization in the Data CenterCisco Canada
 
24/7 Outsourced NOC Services
24/7 Outsourced NOC Services24/7 Outsourced NOC Services
24/7 Outsourced NOC ServicesFlightcase1
 
Six Steps to SIEM Success
Six Steps to SIEM SuccessSix Steps to SIEM Success
Six Steps to SIEM SuccessAlienVault
 
Stki it staffing ratios 2018 v3
Stki it staffing ratios 2018 v3Stki it staffing ratios 2018 v3
Stki it staffing ratios 2018 v3Inbalraanan
 
VMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld
 
Contact Center Capabilities
Contact Center CapabilitiesContact Center Capabilities
Contact Center Capabilitiesservice007
 
AWS Webcast - Business Continuity in the AWS Cloud
AWS Webcast - Business Continuity in the AWS CloudAWS Webcast - Business Continuity in the AWS Cloud
AWS Webcast - Business Continuity in the AWS CloudAmazon Web Services
 
5. Identity and Access Management
5. Identity and Access Management5. Identity and Access Management
5. Identity and Access ManagementSam Bowne
 
Sensu Monitoring
Sensu MonitoringSensu Monitoring
Sensu MonitoringMohanasundaram Ponnusamy
 
Elastic Observability keynote
Elastic Observability keynoteElastic Observability keynote
Elastic Observability keynoteElasticsearch
 
F5 and Infoblox deliver complete secured DNS infrastructure
F5 and Infoblox deliver complete secured DNS infrastructureF5 and Infoblox deliver complete secured DNS infrastructure
F5 and Infoblox deliver complete secured DNS infrastructureDSorensenCPR
 
Content Delivery Using Amazon CloudFront - AWS Presentation - John Mancuso
Content Delivery Using Amazon CloudFront - AWS Presentation - John MancusoContent Delivery Using Amazon CloudFront - AWS Presentation - John Mancuso
Content Delivery Using Amazon CloudFront - AWS Presentation - John MancusoAmazon Web Services
 
Reimagining the Contact Center with Digital Technologies
Reimagining the Contact Center with Digital TechnologiesReimagining the Contact Center with Digital Technologies
Reimagining the Contact Center with Digital TechnologiesTata Consultancy Services
 
ManageEngine Firewall Analyzer training
ManageEngine Firewall Analyzer trainingManageEngine Firewall Analyzer training
ManageEngine Firewall Analyzer trainingManageEngine, Zoho Corporation
 
Large-Scale AWS Migrations with CSC
Large-Scale AWS Migrations with CSCLarge-Scale AWS Migrations with CSC
Large-Scale AWS Migrations with CSCAmazon Web Services
 
Deep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSDeep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSAmazon Web Services
 
장애 관리 방안
장애 관리 방안장애 관리 방안
장애 관리 방안Junho Lee
 
Shared service centers
Shared service centersShared service centers
Shared service centersMohsen Yousefi
 
[한국IBM] ServiceNow로 IT운영관리 최적화!
[한국IBM] ServiceNow로 IT운영관리 최적화![한국IBM] ServiceNow로 IT운영관리 최적화!
[한국IBM] ServiceNow로 IT운영관리 최적화!Sejeong Kim 김세정
 
Building the Security Operations and SIEM Use CAse
Building the Security Operations and SIEM Use CAseBuilding the Security Operations and SIEM Use CAse
Building the Security Operations and SIEM Use CAseDon Murdoch GSE CyberGuardian CISSP
 
Cost Optimisation
Cost OptimisationCost Optimisation
Cost OptimisationAmazon Web Services
 
Cloud Economics - TCO 101
Cloud Economics - TCO 101Cloud Economics - TCO 101
Cloud Economics - TCO 101Amazon Web Services
 
11 Actions that will make your SIAM Programme successful
11 Actions that will make your SIAM Programme successful11 Actions that will make your SIAM Programme successful
11 Actions that will make your SIAM Programme successfulSteve Morgan
 
The Cloud Operating Model MVP: From Zero to Production Ready in 12 Weeks - Bu...
The Cloud Operating Model MVP: From Zero to Production Ready in 12 Weeks - Bu...The Cloud Operating Model MVP: From Zero to Production Ready in 12 Weeks - Bu...
The Cloud Operating Model MVP: From Zero to Production Ready in 12 Weeks - Bu...Amazon Web Services
 
Network Observability: Delivering Actionable Insights to Network Operations
Network Observability: Delivering Actionable Insights to Network OperationsNetwork Observability: Delivering Actionable Insights to Network Operations
Network Observability: Delivering Actionable Insights to Network OperationsEnterprise Management Associates
 
Security Onion
Security OnionSecurity Onion
Security Onionn|u - The Open Security Community
 
Cissp cbk final_exam-answers_v5.5
Cissp cbk final_exam-answers_v5.5Cissp cbk final_exam-answers_v5.5
Cissp cbk final_exam-answers_v5.5madunix
 
Improving Customer Experience with Amazon Connect – The AI Driven Contact Cen...
Improving Customer Experience with Amazon Connect – The AI Driven Contact Cen...Improving Customer Experience with Amazon Connect – The AI Driven Contact Cen...
Improving Customer Experience with Amazon Connect – The AI Driven Contact Cen...Amazon Web Services
 
Facility Management Metrics That Matter
Facility Management Metrics That MatterFacility Management Metrics That Matter
Facility Management Metrics That MatterRobert Lambe, CFM
 
Maximo KPI Maintenance & Asset Reliability Support Workshop IMC 2013 presenta...
Maximo KPI Maintenance & Asset Reliability Support Workshop IMC 2013 presenta...Maximo KPI Maintenance & Asset Reliability Support Workshop IMC 2013 presenta...
Maximo KPI Maintenance & Asset Reliability Support Workshop IMC 2013 presenta...Julie Rampello
 

More Related Content

What's hot

Elastic Observability keynote
Elastic Observability keynoteElastic Observability keynote
Elastic Observability keynoteElasticsearch
 
F5 and Infoblox deliver complete secured DNS infrastructure
F5 and Infoblox deliver complete secured DNS infrastructureF5 and Infoblox deliver complete secured DNS infrastructure
F5 and Infoblox deliver complete secured DNS infrastructureDSorensenCPR
 
Content Delivery Using Amazon CloudFront - AWS Presentation - John Mancuso
Content Delivery Using Amazon CloudFront - AWS Presentation - John MancusoContent Delivery Using Amazon CloudFront - AWS Presentation - John Mancuso
Content Delivery Using Amazon CloudFront - AWS Presentation - John MancusoAmazon Web Services
 
Reimagining the Contact Center with Digital Technologies
Reimagining the Contact Center with Digital TechnologiesReimagining the Contact Center with Digital Technologies
Reimagining the Contact Center with Digital TechnologiesTata Consultancy Services
 
Large-Scale AWS Migrations with CSC
Large-Scale AWS Migrations with CSCLarge-Scale AWS Migrations with CSC
Large-Scale AWS Migrations with CSCAmazon Web Services
 
Deep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSDeep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSAmazon Web Services
 
장애 관리 방안
장애 관리 방안장애 관리 방안
장애 관리 방안Junho Lee
 
Shared service centers
Shared service centersShared service centers
Shared service centersMohsen Yousefi
 
[한국IBM] ServiceNow로 IT운영관리 최적화!
[한국IBM] ServiceNow로 IT운영관리 최적화![한국IBM] ServiceNow로 IT운영관리 최적화!
[한국IBM] ServiceNow로 IT운영관리 최적화!Sejeong Kim 김세정
 
11 Actions that will make your SIAM Programme successful
11 Actions that will make your SIAM Programme successful11 Actions that will make your SIAM Programme successful
11 Actions that will make your SIAM Programme successfulSteve Morgan
 
The Cloud Operating Model MVP: From Zero to Production Ready in 12 Weeks - Bu...
The Cloud Operating Model MVP: From Zero to Production Ready in 12 Weeks - Bu...The Cloud Operating Model MVP: From Zero to Production Ready in 12 Weeks - Bu...
The Cloud Operating Model MVP: From Zero to Production Ready in 12 Weeks - Bu...Amazon Web Services
 
Network Observability: Delivering Actionable Insights to Network Operations
Network Observability: Delivering Actionable Insights to Network OperationsNetwork Observability: Delivering Actionable Insights to Network Operations
Network Observability: Delivering Actionable Insights to Network OperationsEnterprise Management Associates
 
Cissp cbk final_exam-answers_v5.5
Cissp cbk final_exam-answers_v5.5Cissp cbk final_exam-answers_v5.5
Cissp cbk final_exam-answers_v5.5madunix
 
Improving Customer Experience with Amazon Connect – The AI Driven Contact Cen...
Improving Customer Experience with Amazon Connect – The AI Driven Contact Cen...Improving Customer Experience with Amazon Connect – The AI Driven Contact Cen...
Improving Customer Experience with Amazon Connect – The AI Driven Contact Cen...Amazon Web Services
 

What's hot (20)

Sensu Monitoring
Sensu MonitoringSensu Monitoring
Sensu Monitoring
 
Elastic Observability keynote
Elastic Observability keynoteElastic Observability keynote
Elastic Observability keynote
 
F5 and Infoblox deliver complete secured DNS infrastructure
F5 and Infoblox deliver complete secured DNS infrastructureF5 and Infoblox deliver complete secured DNS infrastructure
F5 and Infoblox deliver complete secured DNS infrastructure
 
Content Delivery Using Amazon CloudFront - AWS Presentation - John Mancuso
Content Delivery Using Amazon CloudFront - AWS Presentation - John MancusoContent Delivery Using Amazon CloudFront - AWS Presentation - John Mancuso
Content Delivery Using Amazon CloudFront - AWS Presentation - John Mancuso
 
Reimagining the Contact Center with Digital Technologies
Reimagining the Contact Center with Digital TechnologiesReimagining the Contact Center with Digital Technologies
Reimagining the Contact Center with Digital Technologies
 
ManageEngine Firewall Analyzer training
ManageEngine Firewall Analyzer trainingManageEngine Firewall Analyzer training
ManageEngine Firewall Analyzer training
 
Large-Scale AWS Migrations with CSC
Large-Scale AWS Migrations with CSCLarge-Scale AWS Migrations with CSC
Large-Scale AWS Migrations with CSC
 
Deep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSDeep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECS
 
장애 관리 방안
장애 관리 방안장애 관리 방안
장애 관리 방안
 
Shared service centers
Shared service centersShared service centers
Shared service centers
 
[한국IBM] ServiceNow로 IT운영관리 최적화!
[한국IBM] ServiceNow로 IT운영관리 최적화![한국IBM] ServiceNow로 IT운영관리 최적화!
[한국IBM] ServiceNow로 IT운영관리 최적화!
 
Building the Security Operations and SIEM Use CAse
Building the Security Operations and SIEM Use CAseBuilding the Security Operations and SIEM Use CAse
Building the Security Operations and SIEM Use CAse
 
Cost Optimisation
Cost OptimisationCost Optimisation
Cost Optimisation
 
Cloud Economics - TCO 101
Cloud Economics - TCO 101Cloud Economics - TCO 101
Cloud Economics - TCO 101
 
11 Actions that will make your SIAM Programme successful
11 Actions that will make your SIAM Programme successful11 Actions that will make your SIAM Programme successful
11 Actions that will make your SIAM Programme successful
 
The Cloud Operating Model MVP: From Zero to Production Ready in 12 Weeks - Bu...
The Cloud Operating Model MVP: From Zero to Production Ready in 12 Weeks - Bu...The Cloud Operating Model MVP: From Zero to Production Ready in 12 Weeks - Bu...
The Cloud Operating Model MVP: From Zero to Production Ready in 12 Weeks - Bu...
 
Network Observability: Delivering Actionable Insights to Network Operations
Network Observability: Delivering Actionable Insights to Network OperationsNetwork Observability: Delivering Actionable Insights to Network Operations
Network Observability: Delivering Actionable Insights to Network Operations
 
Security Onion
Security OnionSecurity Onion
Security Onion
 
Cissp cbk final_exam-answers_v5.5
Cissp cbk final_exam-answers_v5.5Cissp cbk final_exam-answers_v5.5
Cissp cbk final_exam-answers_v5.5
 
Improving Customer Experience with Amazon Connect – The AI Driven Contact Cen...
Improving Customer Experience with Amazon Connect – The AI Driven Contact Cen...Improving Customer Experience with Amazon Connect – The AI Driven Contact Cen...
Improving Customer Experience with Amazon Connect – The AI Driven Contact Cen...
 

Similar to Summarized version of Key Performance Indicators (KPIs) for Security Operations and Incident Response article

Facility Management Metrics That Matter
Facility Management Metrics That MatterFacility Management Metrics That Matter
Facility Management Metrics That MatterRobert Lambe, CFM
 
Maximo KPI Maintenance & Asset Reliability Support Workshop IMC 2013 presenta...
Maximo KPI Maintenance & Asset Reliability Support Workshop IMC 2013 presenta...Maximo KPI Maintenance & Asset Reliability Support Workshop IMC 2013 presenta...
Maximo KPI Maintenance & Asset Reliability Support Workshop IMC 2013 presenta...Julie Rampello
 
Julie Rampello Maximo workshop IMC 2013 presentation
Julie Rampello Maximo workshop IMC 2013 presentationJulie Rampello Maximo workshop IMC 2013 presentation
Julie Rampello Maximo workshop IMC 2013 presentationProjetech
 
Bi in telecom through kpi’s
Bi in telecom through kpi’sBi in telecom through kpi’s
Bi in telecom through kpi’sSai Venkatesh
 
Role of the virtual ciso
Role of the virtual cisoRole of the virtual ciso
Role of the virtual cisoMichael Ball
 
Old Presentation on Security Metrics 2005
Old Presentation on Security Metrics 2005Old Presentation on Security Metrics 2005
Old Presentation on Security Metrics 2005Anton Chuvakin
 
Continous auditing and risk monitoring 9 23-09
Continous auditing and risk monitoring 9 23-09Continous auditing and risk monitoring 9 23-09
Continous auditing and risk monitoring 9 23-09Gaiani (CarnCorpAudit)
 
it_Define_Service_Desk_Metrics_That_Matter_Storyboard.pptx
it_Define_Service_Desk_Metrics_That_Matter_Storyboard.pptxit_Define_Service_Desk_Metrics_That_Matter_Storyboard.pptx
it_Define_Service_Desk_Metrics_That_Matter_Storyboard.pptxAbdulelah Aljabri
 
Jack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security MetricsJack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security Metricscentralohioissa
 
Information Security Metrics - Practical Security Metrics
Information Security Metrics - Practical Security MetricsInformation Security Metrics - Practical Security Metrics
Information Security Metrics - Practical Security MetricsJack Nichelson
 
Ultimate guide to performance measurement
Ultimate guide to performance measurementUltimate guide to performance measurement
Ultimate guide to performance measurementRebecca Manjra
 
Pms software and kp is
Pms software and kp isPms software and kp is
Pms software and kp isdutconsult
 
Increasing the probability of project success using Earned Value Management
Increasing the probability of project success using Earned Value ManagementIncreasing the probability of project success using Earned Value Management
Increasing the probability of project success using Earned Value ManagementGlen Alleman
 
Key Performance Indicators-KPIs
Key Performance Indicators-KPIsKey Performance Indicators-KPIs
Key Performance Indicators-KPIsArshad A Javed
 
Overview of Key Performance Indicators
Overview of Key Performance IndicatorsOverview of Key Performance Indicators
Overview of Key Performance IndicatorsMicheal Axelsen
 

Similar to Summarized version of Key Performance Indicators (KPIs) for Security Operations and Incident Response article (20)

Facility Management Metrics That Matter
Facility Management Metrics That MatterFacility Management Metrics That Matter
Facility Management Metrics That Matter
 
Maximo KPI Maintenance & Asset Reliability Support Workshop IMC 2013 presenta...
Maximo KPI Maintenance & Asset Reliability Support Workshop IMC 2013 presenta...Maximo KPI Maintenance & Asset Reliability Support Workshop IMC 2013 presenta...
Maximo KPI Maintenance & Asset Reliability Support Workshop IMC 2013 presenta...
 
eob_dec14.artok
eob_dec14.artokeob_dec14.artok
eob_dec14.artok
 
Julie Rampello Maximo workshop IMC 2013 presentation
Julie Rampello Maximo workshop IMC 2013 presentationJulie Rampello Maximo workshop IMC 2013 presentation
Julie Rampello Maximo workshop IMC 2013 presentation
 
Bi in telecom through kpi’s
Bi in telecom through kpi’sBi in telecom through kpi’s
Bi in telecom through kpi’s
 
Dit yvol4iss14
Dit yvol4iss14Dit yvol4iss14
Dit yvol4iss14
 
Insight into Security Leader Success Part 2
Insight into Security Leader Success Part 2Insight into Security Leader Success Part 2
Insight into Security Leader Success Part 2
 
Role of the virtual ciso
Role of the virtual cisoRole of the virtual ciso
Role of the virtual ciso
 
Old Presentation on Security Metrics 2005
Old Presentation on Security Metrics 2005Old Presentation on Security Metrics 2005
Old Presentation on Security Metrics 2005
 
Continous auditing and risk monitoring 9 23-09
Continous auditing and risk monitoring 9 23-09Continous auditing and risk monitoring 9 23-09
Continous auditing and risk monitoring 9 23-09
 
TRI RBM Change Management Approach
TRI RBM Change Management ApproachTRI RBM Change Management Approach
TRI RBM Change Management Approach
 
it_Define_Service_Desk_Metrics_That_Matter_Storyboard.pptx
it_Define_Service_Desk_Metrics_That_Matter_Storyboard.pptxit_Define_Service_Desk_Metrics_That_Matter_Storyboard.pptx
it_Define_Service_Desk_Metrics_That_Matter_Storyboard.pptx
 
Transforming data into useful information
Transforming data into useful informationTransforming data into useful information
Transforming data into useful information
 
Jack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security MetricsJack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security Metrics
 
Information Security Metrics - Practical Security Metrics
Information Security Metrics - Practical Security MetricsInformation Security Metrics - Practical Security Metrics
Information Security Metrics - Practical Security Metrics
 
Ultimate guide to performance measurement
Ultimate guide to performance measurementUltimate guide to performance measurement
Ultimate guide to performance measurement
 
Pms software and kp is
Pms software and kp isPms software and kp is
Pms software and kp is
 
Increasing the probability of project success using Earned Value Management
Increasing the probability of project success using Earned Value ManagementIncreasing the probability of project success using Earned Value Management
Increasing the probability of project success using Earned Value Management
 
Key Performance Indicators-KPIs
Key Performance Indicators-KPIsKey Performance Indicators-KPIs
Key Performance Indicators-KPIs
 
Overview of Key Performance Indicators
Overview of Key Performance IndicatorsOverview of Key Performance Indicators
Overview of Key Performance Indicators
 

Recently uploaded

Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...SUHANI PANDEY
 
Introduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptxIntroduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptxfirstjob4
 
Discover Why Less is More in B2B Research
Discover Why Less is More in B2B ResearchDiscover Why Less is More in B2B Research
Discover Why Less is More in B2B Researchmichael115558
 
Invezz.com - Grow your wealth with trading signals
Invezz.com - Grow your wealth with trading signalsInvezz.com - Grow your wealth with trading signals
Invezz.com - Grow your wealth with trading signalsInvezz1
 
CebaBaby dropshipping via API with DroFX.pptx
CebaBaby dropshipping via API with DroFX.pptxCebaBaby dropshipping via API with DroFX.pptx
CebaBaby dropshipping via API with DroFX.pptxolyaivanovalion
 
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAl Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAroojKhan71
 
Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure
Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% SecureCall me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure
Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% SecurePooja Nehwal
 
FESE Capital Markets Fact Sheet 2024 Q1.pdf
FESE Capital Markets Fact Sheet 2024 Q1.pdfFESE Capital Markets Fact Sheet 2024 Q1.pdf
FESE Capital Markets Fact Sheet 2024 Q1.pdfMarinCaroMartnezBerg
 
Digital Advertising Lecture for Advanced Digital & Social Media Strategy at U...
Digital Advertising Lecture for Advanced Digital & Social Media Strategy at U...Digital Advertising Lecture for Advanced Digital & Social Media Strategy at U...
Digital Advertising Lecture for Advanced Digital & Social Media Strategy at U...Valters Lauzums
 
Log Analysis using OSSEC sasoasasasas.pptx
Log Analysis using OSSEC sasoasasasas.pptxLog Analysis using OSSEC sasoasasasas.pptx
Log Analysis using OSSEC sasoasasasas.pptxJohnnyPlasten
 
Edukaciniai dropshipping via API with DroFx
Edukaciniai dropshipping via API with DroFxEdukaciniai dropshipping via API with DroFx
Edukaciniai dropshipping via API with DroFxolyaivanovalion
 
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...amitlee9823
 
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort ServiceBDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort ServiceDelhi Call girls
 
Halmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFxHalmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFxolyaivanovalion
 
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...amitlee9823
 
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...amitlee9823
 

Recently uploaded (20)

Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts ServiceCall Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
 
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
 
Introduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptxIntroduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptx
 
Discover Why Less is More in B2B Research
Discover Why Less is More in B2B ResearchDiscover Why Less is More in B2B Research
Discover Why Less is More in B2B Research
 
Invezz.com - Grow your wealth with trading signals
Invezz.com - Grow your wealth with trading signalsInvezz.com - Grow your wealth with trading signals
Invezz.com - Grow your wealth with trading signals
 
CebaBaby dropshipping via API with DroFX.pptx
CebaBaby dropshipping via API with DroFX.pptxCebaBaby dropshipping via API with DroFX.pptx
CebaBaby dropshipping via API with DroFX.pptx
 
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAl Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
 
(NEHA) Call Girls Katra Call Now 8617697112 Katra Escorts 24x7
(NEHA) Call Girls Katra Call Now 8617697112 Katra Escorts 24x7(NEHA) Call Girls Katra Call Now 8617697112 Katra Escorts 24x7
(NEHA) Call Girls Katra Call Now 8617697112 Katra Escorts 24x7
 
Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure
Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% SecureCall me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure
Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure
 
FESE Capital Markets Fact Sheet 2024 Q1.pdf
FESE Capital Markets Fact Sheet 2024 Q1.pdfFESE Capital Markets Fact Sheet 2024 Q1.pdf
FESE Capital Markets Fact Sheet 2024 Q1.pdf
 
Digital Advertising Lecture for Advanced Digital & Social Media Strategy at U...
Digital Advertising Lecture for Advanced Digital & Social Media Strategy at U...Digital Advertising Lecture for Advanced Digital & Social Media Strategy at U...
Digital Advertising Lecture for Advanced Digital & Social Media Strategy at U...
 
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Log Analysis using OSSEC sasoasasasas.pptx
Log Analysis using OSSEC sasoasasasas.pptxLog Analysis using OSSEC sasoasasasas.pptx
Log Analysis using OSSEC sasoasasasas.pptx
 
Edukaciniai dropshipping via API with DroFx
Edukaciniai dropshipping via API with DroFxEdukaciniai dropshipping via API with DroFx
Edukaciniai dropshipping via API with DroFx
 
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
 
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort ServiceBDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
 
Halmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFxHalmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFx
 
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
 
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
 

Summarized version of Key Performance Indicators (KPIs) for Security Operations and Incident Response article

  • 1. King Faisal University School of Business Management Information Systems Department Key Performance Indicators (KPIs) for Security Operations and Incident Response Information System Security Prepared by: Fatemah Alnjm, Maryam Alhumam Instructor: Dr.Abdelnasser Abdelaal Spring - 2019
  • 2. Table of Contents Key Performance Indicates ( KPIs) …………………. 3 Why Measure KPIs ? ………………………………... 4 Which KPIs Should be Measured? ………………...... 5 How Many KPIs Should be Measured? …………….. 7 Final Thoughts ……………………………………..... 8 Examples about KPIs ……………………………….. 9
  • 3. Key Performance Indicators (KPIs) • A way of measuring the success or a failure of a business goal, function or objective. • A means of providing actionable information on which decisions can be based. • The goals of business units are clearly defined. Most security operations goals are more focused on positive or negative trends over time than achieving a specific target.
  • 4. Why Measure (KPIs)? Much of the security operations process focuses around the analysis of data and identification of patterns and trends. This is true of both tactical and strategic functions of security operations – identifying program gaps and making long-term program decisions. This can have a tremendously positive impact on both tactical and strategic functions. The quality of KPIs serve as a security program enabler and driver for continuous improvements. The threat landscape is a dynamic and ever-changing environment. KPIs help ensure that a security operations program continues to remain effective and that any process or technology gaps are addressed appropriately.
  • 5. Which KPIs Should be Measured? • Determining which KPIs should be measured shouldn’t start with KPIs at all. KPIs should focus on assessing a goal or function and providing actionable information on which decisions can be made. • When choosing KPIs to measure, quality should be valued above quantity.There are many different methods to evaluating the effectiveness of a KPI; for example: S M A R TSimple Measurable Actionable Relevant Time-based
  • 6. Which KPIs Should be Measured? Cont. • SMART KPIs will be different for each organization; it is simply not possible to create a one size kits all list of KPIs. • Most security operations KPIs should be targeted at assessing at least one of these common components. The six most common components of a successful security operations program are: ü Analyst Skills ü Detection Success ü Key Risks ü Mitigation Success ü Process Success ü Workload
  • 7. How Many KPIs Should be Measured? • KPIs provide the critical information required to make fact-based decisions.Tracking too many KPIs place decisions makers in a state of information overload. • It vary from one organization to another based on what is right for the program and the organization is far more important than any hard number. • Brainstorming process determine the most effective and efficient drivers of success for the security operations program.
  • 8. Final Thoughts • There will never be a set of “correct” KPIs to measure. • The key to choosing KPIs which will have a real, actionable impact on the organization’s security program is to ensure that the KPIs are SMART, focus on the six most common components of a successful security operations program, and are used to further the security program..
  • 9. • Effective KPIs are selected based on the SMART criteria. Here are some examples of KPIs which should be applicable at some level to most organizations. Example Key Performance Indicators (KPIs) KPI Why Do We Care? Possible Measurements Assessment of Number of devices being monitored · How many devices are being monitoring? · Is the number increasing or decreasing? Why? · Number of devices · Number of devices / analyst · Workload Number of events per location ·How many events are received per geographic location, office, etc.? · Are certain locations more prone to security events? Why? · Number of events / department · Number of events / office · Number of events / region · Key risks