News
About Us | News | BPM Partner Fred Rica featured in CSO Online article on cybersecurity performance measurement for CISOs
services: Cybersecurity Assessment
Industries: Blockchain and Digital Assets Construction Consumer Business Financial Services Life Science Nonprofit Private Equity Professional Services Real Estate Technology Wine and Agribusiness

Rica explains that most CISOs are drowning in metrics and offers a path forward for boards and CISOs to achieve better business alignment

Security performance metrics are vital for CISOs and their organizations to evaluate and enhance their security posture and justify budget requests to their boards.

The struggle CISOs face isn’t a lack of metrics, but finding data with meaningful business context, according to BPM Advisory Partner Fred Rica. “They don’t generally support or align with business objectives; they don’t support how cyber is enabling the business,” comments Rica.

“Board members need to be asking (and CISOs need to be answering) three simple questions… These are: What are we doing? Is it enough? How do we know?”

“In order to answer these questions and have effective board level metrics that have meaning and context, we first need a cyber program – a program that is based on a standard, that reflects the risk tolerance of the organization, that identifies and focuses effort on the most import assets, that understands and accepts any residual risk, and is focused on defending against the most likely attackers and highest risk events.”

For more about measuring cybersecurity effectiveness, read the full article on CSO Online’s website.

Similar news.
BPM once again named a “Top 100 Firm” and Regional Leader by Accounting Today
April 2, 2024
BPM’s Kristine Malmanis named to North Bay Business Journal’s 40 Under 40
March 29, 2024
BPM’s Rosey Flaherty receives CPA Practice Advisor’s 40 Under 40 award
February 27, 2024