Cyber Security Metrics
Application Security Metrics
As smartphones increasingly become mainstream for consumers’ financial lives, their value to fraudsters has risen accordingly. Mobile shopping, mobile wallets (M-PESA), and person-to-person (P2P) payments all offer new avenues for fraud, and much of the next generation of authentication solutions flows through consumers’ phones. Although mobile malware is still a new threat in Kenyan markets, the potential risk is tremendous as malware operators and fraudster shift their focus to this new vector. This necessitates that financial institutions begin securing apps and adapting proper authentication to address the threat of mobile malware before it fully affects all areas of an economy and all markets.
Configuration Changes Metrics
These include the mean time for completing configuration changes, the percentage of those changes requiring a security review, and the percentage being assigned security exceptions.
We assess budget allocations to your Information Security, and the percentage of the overall IT budget and give your organization’s Return on Security Investment (ROSI: Amount spent versus the value received in reduced risk or money saved).
Incident Management Metrics
Shows your Incident rates (how often they occur) and the mean time for discovering them, the time taken to recover from the incident, and the mean time between the occurrence of security incidents. We also help you to review your internal controls as a safeguard.
We help your organization to measure the percentage of systems which are current with patches, as well as compliance with their existing patch policy. The mean time to patch and the percentage of vulnerabilities patched within a policy period.
We work with your organization to reduce the mean time required for mitigating vulnerabilities and the time to remediate (TTR) in cases of infection or compromise.
Sharing Metric Results
We present to you these metrics regularly as an ongoing security measure. The data set reports will be in an electronic and paper format.
Mon - Friday 9am - 5pm
Saturdays 9am - 1pm
Note: We have expert consultants and experienced auditors for international standards and schemes concerning information/cyber security.
SIMPLY THE BEST SECURITY COMPANY
Trustcom can help you to understand the standards appropriate to your organization and how to achieve them.