Governance Surveys
Center for Inclusive Governance
Modern businesses are increasingly data driven. Boards now routinely use metrics to help inform their strategic and oversight functions on finance, market competition, marketing sales, etc. This Tool describes how metrics can be used to measure the effectiveness of cybersecurity programs and offers advice on how boards can leverage those metrics to conduct oversight of their organization’s cybersecurity programs.
Typically, directors rely on management to develop these metrics and present them in a fashion useful to the board’s oversight mandate. Cybersecurity is not substantially different in this respect.
However, the development of useful cybersecurity metrics has been an evolutionary process. Moreover, with digital technology and underlying systems constantly changing and affecting a growing number of enterprise activities, the type of cybersecurity metrics at both the management and board level need to evolve, as well.
Thank you for your interest in this page.