InfoSec-Specific Executive Development for CISOs and Aspiring Security Leaders.
Live Faculty-led instruction and interactive labs to build you and your team's InfoSec skills
Regardless of the audience, security must focus on telling a story. Metrics and key performance indicators (KPIs) play an increasingly important role in the narratives that drive the design, deployment, and operation of efficient, reliable, and robust
networks. This piece offers a step-by-step process for creating network-focused performance metrics and KPIs that resonate with executive leadership.
The following process can be used as a general guide to create effective network performance metrics and KPIs that support your organization’s specific goals and story.
It’s difficult for an organization to successfully implement effective network performance metrics and KPIs without dedicated and qualified resources. A network performance program needs people that understand data analysis, network/security engineering
and data science. Look to your network and security teams and select based on experience and interest. Also, incident response resources generally have some of the data analysis and engineering experience required.
Additionally, business intelligence (BI) tools are important when dealing with large and varied datasets. Examples include, but are not limited to toolsets like Microsoft Power BI and Tableau. Alternatively, Advizor Solutions provides a minimal BI tool that is useful for simple
and fast iteration on small datasets.
Begin with the data and metrics you already have. This is known as “reverse-modeling” and has the advantage of providing quick access to potential network performance metrics and KPIs for your goal and story arc development. The downside is
your existing data fidelity directly impacts your situational awareness as well as the caliber of your goals and story.
Focus on gathering and storing accurate and complete data in an efficient and cost-effective way. Also, consider prioritizing the implementation of a centralized event data repository (e.g., a SIEM like Splunk), where network and security telemetry are
stored (if it does not already exist).
Select metrics from the data that are meaningful and lend themselves to the development of your goal and story arc. As you consider and prioritize your metrics, consider the following characteristics:
Your story should be aligned with your goal and supported by the situational awareness that comes from your data and metrics. Other factors, including goals and expectations set by your organization’s leadership, external factors and circumstances
outside your control should also be included. When formulating your goal and story, consider the following questions:
KPIs start with one of more metrics, followed by the current state and ending with the goal state. As you compose your KPIs, keep your audience in mind. What individual audience members want, need, or expect from a network performance metrics and KPI
presentation varies greatly, but in general, executives likely want to know the answers to the following:
Once you have a better understanding of your existing metrics and have clarity about your goal and how you want to communicate your story, you can consider enhancing your existing metrics with additional measurements. This is known as “forward-modeling,”
and relies on insights about your requirements and needs to drive the selection of measurements.
Metrics and KPIs are almost infinitely varied in options, combinations, views, and the stories they tell. That said, some common mistakes and pitfalls to try and avoid when building a network performance metrics dashboard include:
Figure 2 shows a nice, colorful metric with a signal-to-noise ratio approaching zero and no meaningful context. It begs the questions, “Is this good or bad?” and “Is there anything in this metric that we care about?”
Test each of your metrics, views, and trends with these three simple questions:
If you cannot clearly and concisely answer these three questions, then it is not the right metric, view, or trend.
To improve your chances of success with your network performance metrics when reporting to IT leadership of executive leadership, consider the following tips:
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in connection with such information, opinions, or advice.
October 19, 2021
By IANS Faculty
Continuous compliance requires continuous monitoring and validation of controls in the environment, as well as integration with governance, risk management and compliance tools and platforms. Understand the processes, tools, stakeholders and focus required for a best practice continuous compliance program.
October 14, 2021
Learn how the DDoS threat is evolving and get a step-by-step playbook to ensure your organization is protected against DDoS attacks and has a response plan in place.
October 12, 2021
Uncertain how to secure your M365 environment? Our Faculty identify and explain the five primary areas of M365 that will provide the best security return-on-investment with the least user experience impacts.