Hi all!
My name is Alberto and Im new in this forum, but I have three years of experience in IT security.
Currently Im doing a job about security indicators that help to understand if IT department is doing a good job about security.
Im looking for numeric indicators like:
number of hours/man dedicated to review configurations/install patches/search prohibit material in work stations
Or
$/years invested in improve security/buy resources (antivirus/firewalls/fingerprint scanners/cameras,and other security stuffs)
Or
yearly average of virus incidents
Or
Number of unsuccesfull logon events/month
Do you get the idea?
The objective is to messure how well the security strategy is going on, and numbers are the best methods to compair.
I'll appreciate any kind of help!
Best regards to all of you and excusee mi english