Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


The CISO's Guide to Metrics that Matter in 2021

Jun 21, 2021

The security metrics that teams traditionally use lack context and fail to provide insights needed to make strategic decisions, leaving CISOs struggling to show ROI, identify critical gaps, and gain the support across the organization to mature their security program. This can leave security teams with a false sense of confidence and a less-than-optimal budget, all the while risk increases. By applying the security metrics that matter, CISOs can mature their security programs and articulate value to boards, peers, and technical team members.

Our latest version of the guide, updated for the 2021 landscape, includes:

  • Example of what metrics to use and not to use
  • How to derive meaning from metrics to show ROI, identify program gaps, and build budget
  • Communication frameworks to enable support across the business