Top 3 Cybersecurity Metrics To Begin Tracking
By:Â Melissa Stevens, Senior Digital Marketing Manager, BitSight
Creating a vendor risk management program is of utmost importance in todayâs threat landscape. So if you donât have a program in place already, you may be wondering whereâand howâyou should get started. One of the building blocks for any security program is the creation of actionable cybersecurity metrics. These will help you go beyond âyesâ and ânoâ answers in your own organization (and your vendorsâ) and see exactly how well-prepared your company is to protect against cyberthreats.
Below, BitSight has outlined three of the most important metrics your credit union should start monitoring right away.
1) Number of botnet infections per device over a period of time.
This is, without a doubt, the number one cybersecurity metric that every credit union must monitor. By examining how many botnet infections have taken place on your networkâand what types of botnets youâve dealt withâyou can better prepare for (and protect yourself against) these types of attacks.
For example, if your organization is able to successfully track this metric, you may be able to shorten the detection deficit. Let me explain. The quicker you can identify a security breach or incident and fix it, the less likely you are to have something catastrophic happen to your organization. In other words, the greater the speed at which you can identify that something is happening on your corporate network and appropriately respond to it, the greater the likelihood of preventing the hacker from getting a foothold in your organization. If youâre able to keep that amount of time as close to zero as possible, youâll be in far greater shape.
The problem is, many organizations donât just have a gap of minutes between the intrusion and the solutionâsometimes it takes them hours, days, weeks, or even months to identify and fix a security breach (this is where the term âdetection deficitâ comes in). By closely monitoring the number of botnet infections that take place on your corporate networkâand the time it takes you to remediate those infectionsâyouâll be taking important steps toward reducing this deficit.
2) Percentage of employees with super-user access who are monitored.
Whether through an insider that has decided to go rogue or an external attacker who is trying to take advantage of someoneâs super-user privileges, gaining control to âthe key to the kingdomâ gives a hacker everything they need to take control of a corporate infrastructure and wreak significant material damage. Knowing who has super-user access and monitoring those individuals closely for internal or external issues is a very important metric for this reason. Also, this will provide you with enough insight to determine whether youâre providing too many individuals with unlimited network access, so you can reduce privileges to those individuals who actually need it.
3) Percentage of critical vendors whose cybersecurity effectiveness is continuously monitored.
Traditional vendor risk management practices only offer you a snapshot in time. Even if you perform audits, penetration tests, and vulnerability scans, you still wonât know whatâs going on with your vendorsâ security on a day-to-day basis. But continuous risk monitoring changes this. It allows you to look at the third parties youâve deemed as criticalâusually those who have access to sensitive data or direct corporate network connectionsâand determine in real-time how theyâre performing in regard to cybersecurity. This will allow you to make data-driven decisions about those vendors that are best for your organization.
BitSight is the NAFCU Services Preferred Partner for Cybersecurity Rating. Learn more at www.nafcu.org/bitsight.