Last Updated on August 9, 2021 by Admin 3
The Chief Information Officer (CIO) has been asked to develop a security dashboard with the relevant metrics. The board of directors will use the dashboard to monitor and track the overall security posture of the organization. The CIO produces a basic report containing both KPI and KRI data in two separate sections for the board to review.
Which of the following BEST meets the needs of the board?
- KRI:
– Compliance with regulations
– Backlog of unresolved security investigations
– Severity of threats and vulnerabilities reported by sensors
– Time to patch critical issues on a monthly basis
KPI:
– Time to resolve open security items
– % of suppliers with approved security control frameworks
– EDR coverage across the fleet
– Threat landscape rating - KRI:
– EDR coverage across the fleet
– Backlog of unresolved security investigations
– Time to patch critical issues on a monthly basis
– Threat landscape rating
KPI:
– Time to resolve open security items
– Compliance with regulations
– % of suppliers with approved security control frameworks
– Severity of threats and vulnerabilities reported by sensors - KRI:
– EDR coverage across the fleet
– % of suppliers with approved security control framework
– Backlog of unresolved security investigations
– Threat landscape rating
KPI:
– Time to resolve open security items
– Compliance with regulations
– Time to patch critical issues on a monthly basis
– Severity of threats and vulnerabilities reported by sensors - KPI:
– Compliance with regulations
– % of suppliers with approved security control frameworks
– Severity of threats and vulnerabilities reported by sensors
– Threat landscape rating
KRI:
– Time to resolve open security items
– Backlog of unresolved security investigations
– EDR coverage across the fleet
– Time to patch critical issues on a monthly basis