DIRECTORY

  • Alerts
  • APTs
  • Blog
  • Books
  • Certifications
  • Cheat Sheets
  • Courses
  • Cyber Briefing
  • CyberDecoded
  • CyberReview
  • CyberStory
  • CyberTips
  • Definitions
  • Domains
  • Entertainment
  • FAQ
  • Frameworks
  • Hardware Tools
  • Incidents
  • Malware
  • News
  • Papers
  • Podcasts
  • Quotes
  • Reports
  • Tools
  • Threats
  • Tutorials
No Result
View All Result
  • Login
  • Register
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
Get Help
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
No Result
View All Result
Get Help
CyberMaterial
Home Blog

Cybersecurity KRIs to track

Reading Time: 3 mins read
in Blog

 

Cybersecurity KRIs to track

Number of applications currently running in the organization without a service level agreement (SLA): Without an SLA, your organization may be engaging with a high-risk vendor. The vendor may not adhere to your regulations or they could end service at any moment, causing a disruption in the business.

Number of ISP outages: High numbers of outages can be an indicator that it’s time to change providers. Especially if you provide online services, outages can mean business comes to a full stop.

Number of system backup failures: New or upgraded software can cause backup failure, or there could be misconfigurations due to overly customizable software that result in backup failures.

Total discrepancy (dollars) of IT budget versus actual: Over-spending in IT can mean critical or new tools go unfunded. Under-spending can mean IT is overlooking important investments or isn’t budgeting accurately

Average amount of time to resolve IT support requests: Higher time to close tickets can indicate a lack of resources, which may lend itself to larger, undiscovered issues which could cause business interruptions.

Average time between employee termination and disabling of accounts/ termination of access to all systems: Allowing terminated employees to continue to access data and systems could lead to serious data breaches.

Time to resolve a critical incident and the number of critical incidents: Extended time to resolve a critical incident may infer that the organization’s critical incident procedure requires an overhaul

Number of company-issued phones without monitoring software installed: Monitoring software can locate a lost or stolen phone, and wipe the data before it gets into the wrong hands. All company-issued phones should have this software installed.

Number of active default database administrator accounts: Pre-configured default database administrator accounts means if an event were to happen, you can’t tie it back to an individual and resolve the issue.

Time to respond to requests for personal data: Massive fines can be issued for organizations who breach GDPR. This could cause serious financial and reputational damage.

Number of concurrent system logins using the same ID: Could indicate an employee has shared their login credentials with an unauthorized individual who shouldn’t have access to confidential information.

Total number of users with similar roles but dissimilar security assignments: This could indicate that one employee may be accessing customer data files that they shouldn’t.

Number of employees who click on IT-sent phishing emails: By setting up and testing employees with fake phishing emails, you can identify those employees that require additional security training.

Pass/fail results for employee information security training: Employees who fail or don’t complete security training regularly increase the risk of customer information being shared.

Frequency of review of high, elevated (privileged) permissions on IT systems: These accounts are more likely to be targeted by cyber attackers to gain access to confidential or customer data.

SOURCE

Tags: Blog PostCybersecurityKey Performance and Risk IndicatorsKey Performance and Risk Indicators Blog
ADVERTISEMENT

Related Posts

Why should you care about passwords?

Why should you care about passwords?

March 30, 2023
What and why should you know about cyber attackers?

What and why should you know about cyber attackers?

March 24, 2023
Why should email security matter to you?

Why should email security matter to you?

March 16, 2023
How To Browse The Internet Safely With A VPN

How To Browse The Internet Safely With A VPN

March 10, 2023

More Articles

Documentary

Hackers: Wizards of the Electronic Age (1984)

September 12, 2020
Alerts

Sanctioned Crypto Mixer Blender Reappears Under New Name

February 15, 2023

Video Game Streamer ‘Twitch’ Confirms Massive Data Breach

October 6, 2021
Incidents

Tenet Health investigating Cybersecurity Incident

April 27, 2022
News

Florida Man Guilty: Selling Fake Cisco Gear

June 8, 2023
Book

Information security policies, procedures, and standards

August 10, 2022
Cyber101

Mean Time Between Failures (MTBF)

June 21, 2022
Incidents

Amnesty International Canada Says It Was Hacked by Beijing

December 6, 2022
Load More

Security through data

Cybersecurity Domains

  • API Security
  • Business Continuity
  • Career Development
  • Compliance
  • Cryptography
  • HSM
  • KPIs / KRIs
  • Penetration Testing
  • Shift Left
  • Vulnerability Scan

Emerging Technologies

  • 5G
  • Artificial Intelligence
  • Blockchain
  • Cryptocurrency
  • Deepfake
  • E-Commerce
  • Healthcare
  • IoT
  • Quantum Computing

Frameworks

  • CIS Controls
  • CCPA
  • GDPR
  • NIST
  • 23 NYCRR 500
  • HIPAA

Repository

  • Books
  • Certifications
  • Definitions
  • Documents
  • Entertainment
  • Quotes
  • Reports

Threats

  • APTs
  • DDoS
  • Insider Threat
  • Malware
  • Phishing
  • Ransomware
  • Social Engineering

© 2023 | CyberMaterial | All rights reserved.

World’s #1 Cybersecurity Repository

  • About
  • Legal and Privacy Policy
  • Site Map
No Result
View All Result
  • Audience
    • Cyber Citizens
    • Cyber Professionals
    • Institutions
  • Highlights
    • Blog
    • CyberDecoded
    • Cyber Review
    • CyberStory
    • CyberTips
  • Cyber Risks
    • Alerts
    • Attackers
    • Domains
    • Incidents
    • Threats
  • Opportunities
    • Events
    • Jobs
  • Repository
    • Books
    • Certifications
    • Cheat Sheets
    • Courses
    • Definitions
    • Frameworks
    • Games
    • Hardware Tools
    • Memes
    • Movies
    • Papers
    • Podcasts
    • Quotes
    • Reports
  • Report Cyber Incident
  • GET HELP

Subscribe to our newsletter

© 2022 Cybermaterial - Security Through Data .

Welcome Back!

Sign In with Google
Sign In with Linked In
OR

Forgotten Password? Sign Up

Create New Account!

Sign Up with Google
Sign Up with Linked In
OR

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.