Session Abstract: Security professionals often struggle with the getting the cycles from IT to address the most pressing concerns of the information security program. In this session we will explore the motivators of IT leadership and how to refocus some of that effort on addressing the concerns of the CISO. This will include a look at traditional IT Key Performance Indicators, how to measure security performance attributable to IT efforts, and building recommendations to organizational leadership on metrics that can be applied to IT leadership performance reviews.

Summary: In this session we will discuss methods to incentivize IT leadership to refocus on information security concerns through developing and report on performance review metrics.

Additional Information: