Join the LiveCall

Please call Line 1 at (916) 469-4750. PIN: 541628.
Wednesday, August 17th
8:00-9:00am PDT

Rick Grandy & Gregg Serene,
Lockheed Martin

The presenter(s) will not be making the same presentation as at the IT Summit, but instead will present a brief overview and then engage with the participants. The abstract below is provided to give you a sense of their interest:

How do you know if your cyber security program is healthy? Is passing audits and the absence of “bad news” enough? The cyber security team at the Department of Energy Hanford site has implemented a detailed set of cyber security metrics that provide significantly better insight into the performance of the program. In developing these metrics, the team reviewed metrics and metrics guidance from a number of sources and selected the Center for Internet Security (CIS) Consensus Metric Definitions as the starting point. This session will discuss our evaluation of various metrics standards, why we selected the CIS metrics, the issues we discovered during our feasibility study and the lessons learned for getting a metrics program off the ground. The target audience is security practitioners who are interested in the real-life experiences of peers who are attempting to develop usable, affordable and actionable security metrics.