Go Unlimited with Magzter GOLD
Get unlimited access to 10,000+ magazines, newspapers and Premium stories for just
Try GOLD - Free
Telling Your Value Story
Security Advisor Middle East
|March 2018
Security leaders must understand metrics as critical tools to explain how security services support the organisation and its strategic objectives, writes Gary Hayslip, global CISO, Webroot.
-
Today, we witness an increasing number of cyber incidents across all industry domains. Boards of directors and senior management are educating themselves on their organisation’s risk exposure to these cyber-related issues. Boards also are seeking a better understanding of the potential for cybersecurity initiatives to enhance their company’s strategic operations. Many board members have questions for their security staff such as, “How secure are we from a particular threat?” or “Can you promise me we won’t be the next [hacked company]?” Security professionals need to be able to answer these questions and help board members understand that cybersecurity does not control the threat landscape facing the company. Instead, the purpose of a mature cybersecurity programme is to provide the business with a platform to manage its risk environment.
A company’s senior management is often responsible for the development of a clear, concise strategy to address threats and vulnerabilities to cyber attacks. The chief information security officer (CISO) is expected to have technologies and security controls in place that reduce the organisation’s risk, as well as processes to monitor the effectiveness of the security programme. It is standard best practice to use a risk management framework, such as NIST CSF, ISO 27001 or COBIT 5, as a platform to establish the current risk baseline. With this platform, selected metrics are chosen as real-time measuring devices to provide visibility into the value being provided to the company.
This story is from the March 2018 edition of Security Advisor Middle East.
Subscribe to Magzter GOLD to access thousands of curated premium stories, and 10,000+ magazines and newspapers.
Already a subscriber? Sign In
MORE STORIES FROM Security Advisor Middle East
Security Advisor Middle East
STARLINK SHARPENS AI-FIRST CYBERSECURITY VISION TO POWER KSA'S NEXT DECADE OF GROWTH
COO AHMED DIAB OUTLINES HOW DEEPER LOCAL INVESTMENT, AGENTIC AUTOMATION, AND VERTICAL-READY SOLUTIONS ARE POSITIONING STARLINK AT THE FOREFRONT OF THE KINGDOM'S CYBER RESILIENCE JOURNEY.
3 mins
December 2025
Security Advisor Middle East
AI AGENTS, MACHINE IDENTITIES TO RESHAPE BOARDROOM CYBERSECURITY PRIORITIES
KEVIN BOCEK, SENIOR VICE PRESIDENT OF INNOVATION AT CYBERARK, EXPLAINS WHY IDENTITY SECURITY WILL DEFINE GOVERNANCE, RESILIENCE AND DIGITAL TRUST IN 2026 AS AI AGENTS AND AUTOMATION RESHAPE CORPORATE DECISION-MAKING IN THE GULF AND BEYOND.
3 mins
December 2025
Security Advisor Middle East
GROUP-IB CHARTS NEXT FRONTIER OF CYBER DEFENCE IN SAUDI ARABIA
DMITRY VOLKOV HIGHLIGHTS HOW AI-DRIVEN THREATS, PREDICTIVE SECURITY, AND REAL-TIME FRAUD INTELLIGENCE SHARING ARE RESHAPING THE KINGDOM'S CYBERSECURITY ECOSYSTEM.
3 mins
December 2025
Security Advisor Middle East
VEEAM POSITIONS TRUSTED DATA AS FOUNDATION FOR SCALING SAFE AI, SAYS
CEO ANAND ESWARAN EXPLAINS HOW THE ACQUISITION OF SECURITI AI UNIFIES DATA RESILIENCE, SECURITY, GOVERNANCE, AND AI TRUST TO HELP ENTERPRISES MOVE AI FROM EXPERIMENTATION TO PRODUCTION WITH CONFIDENCE
3 mins
December 2025
Security Advisor Middle East
GITGUARDIAN ENTERS SAUDI ARABIA TO STRENGHTEN CYBERSECURITY FOR VISION 2030
GitGuardian, global leader in nonhuman identity cybersecurity, has officially entered the Saudi Arabian market by completing a 12-day strategic immersion under Business France's Booster Grow Global program.
3 mins
December 2025
Security Advisor Middle East
GOODBYE 2025, HELLO 2026! CYBER MATURITY MOVES FROM CONFIDENCE TO PROOF
CYBERSECURITY IN THE MIDDLE EAST IS SHIFTING FROM POINT CONTROLS TO ECOSYSTEM RESILIENCE. ATTACKERS ARE EXPLOITING THE SEAMS BETWEEN CLOUD PLATFORMS, AI-DRIVEN APPLICATIONS, PARTNERS, AND SUPPLIERS — WHILE BOARDS AND INSURERS DEMAND PROOF THAT CRITICAL DATA CAN BE RECOVERED CLEANLY, QUICKLY, AND WITHIN JURISDICTION. IN 2026, CYBER MATURITY WILL BE MEASURED, NOT ASSUMED.
12 mins
December 2025
Security Advisor Middle East
REDEFINING TRUST: WHY CREDENTIALS, NOT PASSWORDS, WILL SECURE ENTERPRISE
CRYPTOGRAPHIC, SYSTEM-GOVERNED CREDENTIALS ARE BECOMING THE ONLY SCALABLE FOUNDATION FOR ZERO TRUST SECURITY BEYOND PASSWORDS.
5 mins
December 2025
Security Advisor Middle East
HYBRID VISIBILITY, AI OBSERVABILITY, AND POST- QUANTUM READINESS WILL DEFINE 2026, SAYS GIGAMON OFFICIAL
DANIELLE KINSELLA, SENIOR DIRECTOR SALES ENGINEERING, GIGAMON, EXPLAINS HOW SAUDI ENTERPRISES ARE LEAPFROGGING GLOBAL MARKETS THROUGH GROUND-UP ARCHITECTURES, MULTICLOUD RESILIENCE AND TRAFFIC INTELLIGENCE.
2 mins
December 2025
Security Advisor Middle East
DATA-CENTRIC SECURITY TAKES CENTRE STAGE IN SAUDI ARABIA'S DIGITAL TRANSFORMATION
SECLORE'S URAZ FARUKH EXPLORES HOW THE KINGDOM'S REGULATORY DIRECTION AND AI ADOPTION ARE SHAPING THE FUTURE OF COMPLIANCE AND CYBER RESILIENCE.
2 mins
December 2025
Security Advisor Middle East
SANS INSTITUTE PARTNERS WITH UAE CYBERSECURITY COUNCIL TO ENHANCE NATIONAL CYBER CAPABILITIES AHEAD OF QUANTUM ERA
SANS Institute, the global leader in cybersecurity training and certifications, announced a landmark strategic partnership with the UAE Cybersecurity Council to advance the nation's cybersecurity readiness and reinforce the UAEs long-term vision for a secure and resilient digital future.
2 mins
December 2025
Translate
Change font size