
Top 3 Cybersecurity Metrics To Start Tracking

Melissa Stevens | March 1, 2016

Creating a vendor risk management program is of utmost importance in today’s threat landscape. So if you don’t have a program in place already, you may be wondering where—and how—you should get started. One of the building blocks for any security program is the creation of actionable cybersecurity metrics. These will help you go beyond “yes” and “no” answers in your own organization (and your vendors’) and see exactly how well-prepared your company is to protect against cyberthreats.

Below, we’ve outlined three of the most important metrics you should start monitoring right away.

Top 3 Cybersecurity Metrics To Begin Tracking

1. Number of botnet infections per device over a period of time.

This is, without a doubt, the number one cybersecurity metric that every organization must monitor. By examining how many botnet infections have taken place on your network—and what types of botnets you’ve dealt with—you can better prepare for (and protect yourself against) these types of attacks.


For example, if your organization is able to successfully track this metric, you may be able to shorten the detection deficit. Let me explain. The quicker you can identify a security breach or incident and fix it, the less likely you are to have something catastrophic happen to your organization. In other words, the faster you can identify that something is happening on your corporate network and respond to it appropriately, the greater the likelihood of preventing the hacker from getting a foothold in your organization. If you’re able to keep that amount of time as close to zero as possible, you’ll be in far better shape.

The problem is, many organizations don’t just have a gap of minutes between the intrusion and the solution—sometimes it takes them hours, days, weeks, or even months to identify and fix a security breach (this is where the term “detection deficit” comes in). By closely monitoring the number of botnet infections that take place on your corporate network—and the time it takes you to remediate those infections—you’ll be taking important steps toward reducing this deficit.

2. Percentage of employees with super-user access who are monitored.

Whether through an insider who has decided to go rogue or an external attacker who is trying to take advantage of someone’s super-user privileges, gaining control of “the key to the kingdom” gives a hacker everything they need to take control of a corporate infrastructure and wreak significant material damage. For this reason, knowing who has super-user access, and monitoring those individuals closely for internal or external issues, is a very important metric. It will also give you enough insight to determine whether you’re providing too many individuals with unlimited network access, so you can limit those privileges to the individuals who actually need them.

3. Percentage of critical vendors whose cybersecurity effectiveness is continuously monitored.

Traditional vendor risk management practices only offer you a snapshot in time. Even if you perform audits, penetration tests, and vulnerability scans, you still won’t know what’s going on with your vendors’ security on a day-to-day basis. But continuous risk monitoring changes this. It allows you to look at the third parties you’ve deemed as critical—usually those who have access to sensitive data or direct corporate network connections—and determine in real-time how they’re performing in regard to cybersecurity. This will allow you to make data-driven decisions about those vendors that are best for your organization.

In Conclusion

As previously mentioned, these three cybersecurity metric examples will make up only a small portion of the metrics you should be monitoring. If you’re ready for a more in-depth look at metrics to use, our latest ebook is for you. We’ve detailed 12 actionable metrics that will help you assess your security posture and the security posture of your third parties. It isn’t by any means exhaustive, but it is a great place to start.
