point in time security assessments or security performance management that is more continuous / automated - which do you prefer ?  Check out this paper by Ed Amoroso - retired ATT Chief Security Officer - founder of TAG Cyber  https://www.tag-cyber.com/analysis/white-papers/requirements-for-security-performance-management

People & LeadershipGovernance, Risk & Compliance

I plan to rely on static annual external assessments of security to judge effectiveness69%

I plan to look at security performance management capabilities to assess continuously my security effectiveness30%

251 PARTICIPANTS
1.1k viewscircle icon2 Upvotescircle icon1 Comment
Sort by:
Chief Evangelist in IT Services2 years ago

Unfortunately the link is broken

Lightbulb on1

Content you might like

Which cybersecurity metrics do you currently use with your board?

Read More Comments

Have you used or evaluated any AI-driven SOC platforms? Do you think there are sufficient advantages to using an AI SOC analyst at this stage, or are you in ‘wait-and-see’ mode until solutions like this mature?

What's your most indispensable cloud infrastructure tools to use in addition to what you get from GCP, AWS, Azure?

HashiCorp (Terraform, Vault, Packer, etc.)22%

Cloud infra automation (Ansible, Puppet, Chef, etc.)56%

APM (Datadog, AppD, SignalFX, NewRelic, etc.)10%

Others?10%

View Results

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented 

Read More Comments

What are your organization’s drivers for implementing RegTech?

Support future growth36%

Automate manual processes59%

Demonstrate compliance49%

Reduce risk exposure43%

Improve customer experience16%

Reduce costs13%

View Results