Impact Makers’ Chief Information Security Officer (CISO), Principal Consultant and Governance Risk and Compliance Practice Lead Cathie Brown, CGEIT, PMP, CISM, CISSP, presented a breakout session at the Commonwealth Information Security Conference on April 8, 2016.
Titled “Information Security Program Maturity & Metrics: Taking It to the Next Level,” the presentation focused on assessing security program maturity using the NIST PRISMA (Program Review for Information Security Management Assistance) maturity model and on the role of security metrics in increasing overall program maturity.
Having a mature Information Security program is more than having policies and tools. It takes a change in the culture to actually implement processes, raise awareness and share information among all stakeholders.
Cathie shared information on:
- Why measuring the maturity of your security program is important
- How to use the PRISMA model to measure the maturity of your program
- How metrics play a role in measuring and increasing the maturity of the program
See the full PowerPoint Presentation to learn more.