A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Size Doesn't Matter : Metrics and Other Four Letter Security Words - Jim Menkevich BSides Philadelphia 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

Size Doesn't Matter : Metrics and Other Four Letter Security Words
Jim Menkevich
@JimMenkevich
BSides Philadelphia 2016

You are here. No really, you are here. But how do you know where here is? How do you know if you're better or worse than your industry counterparts? Maintaining an effective security program requires focus on metrics and frameworks as a backdrop to narrate a larger story about the threat landscape and your organization. My talk will focus in on how to get started on security metrics fundamentals, use of frameworks such as CSF and CSC20 and how to translate this into business language so everyone from a sysadmin to the C-Suite can understand.

Jim Menkevich is an Information Security, Privacy and Risk Management professional with 17+ years of experience. Through his career he has lead teams in Cybersecurity, Enterprise Architecture, Systems Integration and Application Development. Jim specializes in applying methodologies, frameworks and ideas outside of the intended domain which generate new and fresh angles to address industry challenges. When he's not working, Jim enjoys writing poetry, running and spending time with his family. Jim is currently the Director of Data Protection and Security Governance at Health Partners Plans in Philadelphia.

Recorded at BSides Philly 2016

Back to BSides Philly video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast