Drift metrics can help measure how well-managed an enterprise’s technology assets are. CISOs can mine data contained in mainstream cloud configuration tools to understand conformance or divergence from expected states.
Google’s approach to measuring site reliability has much to recommend it. CISOs can steal a leaf from their book.
I was reading Rich Beijtlich’s blog today, and came across that quote from a commenter known only as JimmyTheGeek. Wonderfully funny, and spot on.
Before the holidays I ran a quick, three-question, survey of the securitymetrics.org mailing list membership about the number of passwords people use. Here are the results, drawn from 51 responses (not bad, considering the list membership is about 400 people). I’d promised the respondents that I’d share the results… so here they are.