Security Metrics That Matter: Improving Visibility and Effectiveness

Dr. Mike Lloyd, CTO, RedSeal Networks
Security metrics for improving management have long been an issue of discussion and debate across the industry. Some experts and practitioners contend that we need these key indicators if we’re ever going to drive down real-world risk, while others think that the concept can’t be applied practically. Some experts feel that we just haven’t found the right numbers to measure security effectiveness yet.

Count RedSeal Networks among the final group… although we think that we’ve made some important headway in helping organizations unearth those figures that will actually allow them to better trend and improve their rates of success.

Expanding on his sold-out keynote at Security BSidesSD, join RedSeal CTO Dr. Mike Lloyd for a webcast: Security Metrics that Matter
As part of his presentation Dr. Mike will outline:

•Why previous metrics efforts have under-delivered
•The need to tie measurement to underlying business value
•How you can build metrics that truly measure effectiveness

As an added bonus, we’ll also release the results of our in-booth RSA survey: “Panning for Gold in the Avalanche: Security Pros Still Searching for Metrics”

Don’t miss this chance to hear this compelling new research that surfaces the opinions that you and your colleagues at RSA shared with us.

Hear about your peers’ current level of visibility into network access and risk exposure, the desire for new security metrics, and how RedSeal can help.
Apr 26 2012
56 mins
Security Metrics That Matter: Improving Visibility and Effectiveness
Join us for this summit:
More from this community:

IT Service Management

Webinars and videos

  • Live and recorded (1961)
  • Upcoming (51)
  • Date
  • Rating
  • Views
  • Join us for a 30-minute live session every Friday, where we’ll tour the RingCentral interface, discuss the latest innovations and features available on the RingCentral platform, and share best practices on leveraging cloud communications for your business. This session features a live demo of RingCentral Office and an open Q&A session led by a Sales Engineer. This week tune in and learn how your employees can hold multi-point HD video meetings around the world, anytime and anywhere with RingCentral Meetings.
  • Join salesforce.com customer kCura as they describe the value of having a communities platform to create frictionless service experiences with law firms, government agencies, and litigation service providers. Learn how a self-service community experience enables customers to help each other and themselves, letting service teams focus on the big issues. All of these benefits ultimately translate into a frictionless and unified experience for all their customers!

    George Orr is the VP of Client Services for kCura. He leads strategic and implementation initiatives designed to enhance the online experience of customers.
  • Over the past several years, ITSM has evolved dramatically. What was considered mature and effective Service Management a short time ago is barely sufficient today. Does this get you thinking about what is next for ITSM and whether your Service Management solution is the one to take you to the next level? Good! Let’s get together and talk about it. We will look at industry best practices, lessons learned and what you should consider in your future plans to get to the next frontier of ITSM.

    Join George Spalding, Executive Vice President of Pink Elephant, as he presents his thoughts about how we got HERE and what he believes are the next best moves to get us THERE – in the future of ITSM. George Spalding won the 2012 Ron Muns Lifetime Achievement Award from HDI, is one of the world’s most insightful IT Service Management and Support experts and has spent several years as a consultant to the White House, the Smithsonian Institute, and the Federal Bureau of Investigation. George is an ITIL Expert, he is a regular author of IT articles and white papers, and is a presenter at global ITSM conferences and events.
  • Over the past several years, ITSM has evolved dramatically. What was considered mature and effective Service Management a short time ago is barely sufficient today. Does this get you thinking about what is next for ITSM and whether your Service Management solution is the one to take you to the next level? Good! Let’s get together and talk about it. We will look at industry best practices, lessons learned and what you should consider in your future plans to get to the next frontier of ITSM.

    Join George Spalding, Executive Vice President of Pink Elephant, as he presents his thoughts about how we got HERE and what he believes are the next best moves to get us THERE – in the future of ITSM. George Spalding won the 2012 Ron Muns Lifetime Achievement Award from HDI, is one of the world’s most insightful IT Service Management and Support experts and has spent several years as a consultant to the White House, the Smithsonian Institute, and the Federal Bureau of Investigation. George is an ITIL Expert, he is a regular author of IT articles and white papers, and is a presenter at global ITSM conferences and events.
  • The Operations Bridge is “the” solution for IT Operations to effectively address the challenges they face when it comes to managing the new style of IT: complex composite applications, virtualized environments, cloud-based services, big data, and a variety of management solutions from different vendors. In this session, you will learn how the HP Operations Bridge solution allows you to take up those challenges and consolidate all your existing IT monitoring solutions, providing a unique solution to maximize efficiency and improve runtime and performance of your IT services.
  • Enterprises are realizing that the opportunity of data analytics is maximum when the data is fresh and represents the "current reality" of operations or customer experience. The business value of data dramatically falls with its age.

    As IT and line-of-business executives begin to operationalize Hadoop and MPP based batch Big Data analytics, it's time to prepare for the next wave of innovation in data processing.

    Join this webinar on analytics over real-time streaming data.

    You will learn about:
    •How business value is preserved and enhanced using Real-time Streaming Analytics with numerous use-cases in different industry verticals
    •Technical considerations for IT leaders and implementation teams looking to integrate Real-time Streaming Analytics into enterprise architecture roadmap
    •Recommendations for making Real-time Streaming Analytics – real – in your enterprise
    •Impetus StreamAnalytix – an enterprise ready platform for Real-time Streaming Analytics
  • Problem Management is a game changer. It is critical in developing real quality in service delivery. However, very few organisations actually get this aspect of ITSM working well.

    This fourth session in the ITSM Goodness series will look at how we spend too much time focussing on efficient ‘fire-fighting’ (Incident Management), rather than looking at avoiding recurrence or eradicating faults altogether - ultimately a better solution for customer and provider alike. Often there are some simple misunderstandings around what Problem Management is or what is required to make it work. Also it can be difficult to find the right people to make Problem Management happen, particularly as it is not a simple linear process that can be ‘industrialised’ like Incident Management. This session provides simple clear guidelines on what is needed and how to make Problem Management work well for your organisation.

    This 8-part monthly series is designed to provide real-time value to newcomers and take to the next level those already familiar with the approach.

    ITSM Goodness is an approach created by Barclay Rae to deliver practical, proven, successful and accessible advice and guidance for ITSM and IT professionals. The focus is clear and simple – on achieving the right business outcomes from IT, and how this is delivered, via the Customer Experience.
  • The foundation of success for any company is an outstanding customer experience, but we all know the journey toward creating an amazing service culture is a challenging one. While a great culture doesn’t happen overnight, it IS attainable (really!) with the right approach. Join Joel Daly, HOSTING’s COO, as he discusses HOSTING’s journey: the obstacles, the companies we admire, and the process we undertook to reach excellent service.
  • For many IT Service Organisations the selection of their ITSM toolset is one of the most important, and expensive, decisions they can make. Causing huge disruption and extra work as staff are moved from one system to another. The ITSM toolset is like the engine that drives an IT department and its ability to ensure work is prioritised, integrated and moved between support teams. It is utterly critical to the running of an IT department, but if its so important why do so many IT departments only keep a toolset for 3-5 years before moving to another one and starting the process again?

    Join Peter Hubbard, Principal ITSM Consultant at Pink Elephant, as he shares his experiences on what happens during an ‘out of the box’ toolset implementation program, along with his advice and guidance on avoiding typical pitfalls that many implementations could easily avoid.

    Learn about the critical importance of People, Process and Product working in harmony to make sure that your toolset selection and implementation program delivers real business value quickly.

    Learn why ‘Out of the box’ is a dangerous phrase, and there is no such thing in the real world. Peter will be join by Michael Jenkins, a veteran toolset implementer with over 20 such projects behind him as they discuss what happens in an ‘out of the box’ implementation.

    They will discuss how to pick a toolset, the value of use cases, what happens on the vendor ‘demo day’ and what sort of actions you can be undertaking prior to the chosen vendor starting their implementation in order to speed up the process and make sure that your most expensive ITSM decision returns real value.
  • There’s a sea change taking place in service and how consumer ‘journeys’ are taking place. Howard Kendall, founder of the SDI, has spent much time keeping track of what is really going on, how customer expectations are changing, and how we can use leverage this in the service desk industry.

    Join Howard for an informative discussion on how service desk can successfully rise to the challenge of delivering excellent customer service, meeting, and possibly surpassing, the expectations of the customers they support. Howard will provide some top tips that will help to win the hearts and minds of service desk customers and build stronger relationships with end-user constituents, elevating the position of the service desk within the IT organisation.
  • Channel
  • Channel profile
Up Down
  • Manage Network Complexity and Control Access Risk Recorded: Mar 11 2013 63 mins
    Financial institutions spend billions of dollars on firewalls, proxies, routers and other devices to prevent unauthorized access to their network, but security breaches continue to plague the industry.

    While faced with a barrage of attacks, CISOs are dealing with increasingly complex networks due to the cumulative demands of users as well as connectivity requirements, business operations and regulatory compliance mandates. As a result of this increased complexity, financial organizations' IT resources are struggling to meet today's required security standards.

    Join Wall Street & Technology senior editor Melanie Rodier and RedSeal Networks for this webcast, and learn how to:

    - Effectively pinpoint weaknesses and risk through complete end to end network visibility.
    - Proactively protect your network against security breaches and prioritize vulnerabilities for more effective remediation.
    - Gain the ability to comply with internal and external compliance requirements while cutting compliance costs.
  • Complete Vulnerability Management from McAfee and RedSeal Recorded: Nov 6 2012 45 mins
    Most large enterprises identify thousands of vulnerabilities every time they conduct a vulnerability assessment. But scanning for vulnerabilities is only the first step—figuring out which vulnerabilities truly matter is the subsequent challenge.

    • Is critical financial information at risk because a vulnerability is exposed to the Internet or extranet?
    • Has a vulnerability already been effectively mitigated with network-level controls?
    • Do vulnerabilities in minor systems allow a hacker to leapfrog to more critical systems?

    Join McAfee and RedSeal for an informative webcast to learn why prioritizing remediation efforts according to risk is essential to effective vulnerability management and how the RedSeal Vulnerability Advisor software integrates and analyzes the vulnerability information collected by McAfee’s Vulnerability Manager to give organizations true insight into their vulnerability risk.
  • Jumpstart to RedSeal Demo - LIVE Recorded: Aug 21 2012 30 mins
    The “Jumpstart to RedSeal” demo provides you with a 20 minute overview of the company, what the product does, customer challenges, and how the RedSeal 5 Platform can address them. The highlight - a 15 minute demonstration of the RedSeal UI and reporting features - details how networks can improve their attack defenses, prioritize vulnerabilities based on exposure, evaluate for compliance, and enhance firewall change management processes.
  • How To Use Predictive Network Threat Modeling To Eliminate Internal and External Recorded: Aug 13 2012 49 mins
    A Wall Street & Technology Webcast: With cyber espionage currently responsible for $13 billion in losses to the U.S. economy, according to the FBI, finding ways to predict and prevent future cyber attacks is vital for businesses. On Wall Street, as the number of devices on enterprise networks continues to grow, cyber espionage perpetrators are capitalizing on the increased complexity of network access to compromise critical data assets. A proactive approach that includes predictive security using visualized network modeling can help you identify access pathways and the associated vulnerabilities and quickly pinpoint the specific systems and devices most susceptible to attack.
  • Jumpstart to RedSeal Demo - LIVE Recorded: Aug 9 2012 33 mins
    The “Jumpstart to RedSeal” demo provides you with a 20 minute overview of the company, what the product does, customer challenges, and how the RedSeal 5 Platform can address them. The highlight - a 15 minute demonstration of the RedSeal UI and reporting features - details how networks can improve their attack defenses, prioritize vulnerabilities based on exposure, evaluate for compliance, and enhance firewall change management processes.
  • Jumpstart to RedSeal Demo Recorded: Jun 7 2012 33 mins
    The “Jumpstart to RedSeal” demo provides you with a 20 minute overview of the company, what the product does, customer challenges, and how the RedSeal 5 Platform can address them. The highlight - a 15 minute demonstration of the RedSeal UI and reporting features - details how networks can improve their attack defenses, prioritize vulnerabilities based on exposure, evaluate for compliance, and enhance firewall change management.
  • Tips to Avoid the Mortal Sins That Undermine Network Security Recorded: May 30 2012 63 mins
    Prevent the hellish mistakes that undermine security effectiveness.

    Join network security experts Eric Hanselman, Research Director at 451 Research, and Dr. Mike Lloyd, CTO at RedSeal, for this fact-filled webcast where they’ll share their list of the most egregious errors found in network security management, based on hands-on analysis and observation of some of the most complex network environments in the world.

    This session will include details on how and why these painful mistakes manifest themselves, and tips on what you can do to prevent them, followed by open Q&A.

    Don’t miss this unique learning opportunity!

    Register now.
  • Security Metrics That Matter: Improving Visibility and Effectiveness Recorded: Apr 26 2012 56 mins
    Security metrics for improving management have long been an issue of discussion and debate across the industry. Some experts and practitioners contend that we need these key indicators if we’re ever going to drive down real-world risk, while others think that the concept can’t be applied practically. Some experts feel that we just haven’t found the right numbers to measure security effectiveness yet.

    Count RedSeal Networks among the final group… although we think that we’ve made some important headway in helping organizations unearth those figures that will actually allow them to better trend and improve their rates of success.

    Expanding on his sold-out keynote at Security BSidesSD, join RedSeal CTO Dr. Mike Lloyd for a webcast: Security Metrics that Matter
    As part of his presentation Dr. Mike will outline:

    •Why previous metrics efforts have under-delivered
    •The need to tie measurement to underlying business value
    •How you can build metrics that truly measure effectiveness

    As an added bonus, we’ll also release the results of our in-booth RSA survey: “Panning for Gold in the Avalanche: Security Pros Still Searching for Metrics”

    Don’t miss this chance to hear this compelling new research that surfaces the opinions that you and your colleagues at RSA shared with us.

    Hear about your peers’ current level of visibility into network access and risk exposure, the desire for new security metrics, and how RedSeal can help.
  • What's the ROI on RedSeal? Applying the IANS "Return on Security" Model Recorded: Feb 7 2012 60 mins
    Every organization wants to know the answer but few have even attempted to quantify it: What's my ROI, or return, on IT security?

    Until now.

    Using its proprietary (yet public) methodology, research and best practices specialists IANS has begun helping CSOs and other security officials deduce and measure precisely what they're getting in exchange for all the money they spend. In late 2011, IANS conducted such a study on automotive market experts Polk, specifically related to the company's use of RedSeal solutions.

    Please join us for this highly informative webcast during which IANS Faculty Member and industry analyst Diana Kelley outlines the ROS process and guidelines, and then hosts a discussion with Ethan Steiger, Chief Security Officer, Polk about his experiences and milestones using RedSeal. Joining the call will be RedSeal CTO Dr. Mike Lloyd, to provide color commentary and yes, that cool, smart-sounding foreign accent.

    In addition to a general overview of the Polk use case, hear more about how the company leveraged RedSeal's proactive security intelligence solution to save time and money, lower real-world risk, automate and simplify regulatory compliance, and garner an ROI figure of¦ yes, $30 million!

    How did IANS arrive at such a massive number? Let's face it, you can spend a lot of money responding to a breach. Though, while that's true, it's truly just a small piece of the larger story.
  • Network Security – Measuring the Immeasurable Recorded: Dec 15 2011 64 mins
    Security is inherently intangible, so answering questions such as "Is my network secure?” are considerably complex. The ultimate goal is the absence of a breach – how do you measure and show improvement to your internal and external audience?

    The traditional approach has been to measure activity – all of the processes that can be recorded: How many times did you change the firewall? How many patches did you deploy? How many times did you update your antivirus signatures? While collecting this data may pacify the auditors, the problem is that you’re measuring busyness, not your business.

    In this webinar featuring Securosis analyst and president Mike Rothman, we will explore:
    •Today’s security metrics – what most organizations are collecting today vs actionable and useable metrics for decision support
    •What and how to communicate network security metrics – internal vs external audiences
    •Practical measurement of risk – technology to assess how well your work is preventing problems
Monitor network security effectiveness and prioritize risk, today.
Enterprise organizations and government agencies have spent countless years and millions of dollars attempting to segment infrastructure and protect critical assets, but most have no idea how well layered defenses actually work.

Security, networking and audit staff have no centralized means of visualizing the state of protection or current attack surface, end-to-end, or communicating that intelligence.

Management cannot determine the ROI of security spend; risk is prioritized using static ranking; circumvention of simple controls still enables most breaches.

Enter RedSeal Networks, the only provider of proactive security management solutions that offer a continuous method of assessing IT protection and risk exposure. Pinpoint the precise level of access permitted across security infrastructure, informed by the business value of underlying host assets and data. Prioritize risk, validate compliance and manage security using quantitative analysis.

Try RedSeal solutions today.
Try a powerful marketing platform for your videos and webinars. Learn more  >

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Security Metrics That Matter: Improving Visibility and Effectiveness
  • Live at: Apr 26 2012 10:00 pm
  • Presented by: Dr. Mike Lloyd, CTO, RedSeal Networks
  • From:
Your email has been sent.
or close
You must be logged in to email this