Even with the subjective nature of visibility, organizations can take steps to define and then measure it. In this paper, SANS has presented an objectives approach—a road map— to help organizations establish a strategy. Given that visibility in a cyber world remains data-driven, here’s some basic advice for moving forward:
• State your objectives and any assumptions/constraints
- Decide on your objectives. What questions do you need to answer? What processes must you monitor? Which trends do you want to track? - Understand the roles of each audience. The C-suite may not have the same issues (or attention span) as your SOC director or analyst.
• Identify what you need to achieve your objective. What sources and data do you need to monitor the processes or track trends?
• Frame your outcomes so that your questions have objective answers. Establish meaningful metrics that measure how well things are working and can be used to identify important trends. But be careful to guard against expectation bias.
• Don’t get caught up in the analytics or presentation/visualization “art.” Let the data and the information speak for itself.
Please fill all the required * fields.