- Describes the basic components of a metrics program, as well as the business context for metrics
- Provides guidelines to help security managers leverage the volumes of data their security operations already create
- Identifies the metrics security executives have found tend to best serve security’s unique (and often misunderstood) missions
- Includes 375 real examples of security metrics across 13 categories
Table of Contents
- About the Author
- Digital Assets
- Chapter 1. The Basics
- Why measure, why metrics?
- What are security metrics?
- What are the components of a measures and metrics program?
- Opening exercise: what is the real cost of security in your company?
- Good metrics are SMART
- Chapter 2. Types of Metrics and Performance Indicators Appropriate to the Security Mission
- Influential initiatives from the corner office
- The CSO dashboard
- Cost-effectiveness analysis
- Criticality ranking
- Task analysis and work breakdown structures
- The business unit security scorecard
- Diagnostic measures
- Business hygiene and insider risk
- Chapter 3. Building a Model Appropriate to Your Needs
- Does the business we are in make a difference?
- What should we measure?
- What are your objectives with these data?
- Roles and responsibilities
- How do we present the information to the target audience?
- What’s next?
- Appendix 1. Examples of Security-Related Measures and Metrics
- Appendix 2. Sample High-Level Security Work Breakdown Structure
- Appendix 3. Risk Measure Maps
- About Elsevier's Security Executive Council Risk Management Portfolio
About the Author
Prior to working at Fidelity Investments, Campbell owned a security and consulting firm, which specialized in risk assessment and security program management. He has also been group vice president at a system engineering firm that supported government security programs at high-threat sites around the world. Early on in his career, Campbell worked in the criminal justice system, and served in various line and senior management positions within federal, state, and local government agencies.
Campbell received his bachelor’s degree in police administration from American University in Washington, D.C. He served on the board of directors of the International Security Management Association (ISMA), and as ISMA’s president in 2003. Campbell is also a long-time member of ASIS International. He is a former member of the National Council on Crime Prevention, the High Technology Crime Investigation Association, and the Association of Certified Fraud Examiners, and is an alumnus of the U.S. State Department’s Overseas Security Advisory Council.