By: Risk-Based Security
Time Is of the Essence
When it comes to compliance, the most important metric for IT professionals is mean-time-to-patch, according to 49% of them.
You Didn't Do That, Did You?
33% of IT pros spend most of their compliance time determining whether employees violated any policies, which is also a top concern.
Protecting Against Threats
Determining whether endpoints are free from malware and viruses is an important metric among 45% of IT pros tasked with protecting against threats.
Living in a Quantifiable World
35% of IT pros say that reducing data breaches is enough of a metric to judge performance even though the numbers don't always add up.
It's All About Knowledge
The trouble with measuring performance on outbreaks is that not all of the outbreaks are discovered. That's why 35% of IT professionals like to monitor vulnerabilities and eliminate those.
Time Waits for No One
Just 13% of IT pros are concerned about the mean time to detect a security incident, while only 8% measured how long it took to fix a security problem.
The Cost of Doing Business
52% of IT professionals evaluate performance based on their ability to reduce the cost of security management.
A Lack of Measuring
Once again, time is largely an afterthought, with only 5% of IT pros indicating that the length of time to contain security breaches and exploits is measured in their department.
Budgets, Budgets, Budgets
49% of security professionals say they're judged based on their ability to effectively stay within budget.
What About the Training?
IT professionals want business-side employees to receive the proper security training they need to reduce the types of risky behavior that sends corporate networks into lockdown.
