
Metrics to Track Cybersecurity Efforts Cheat Sheet by

Steps to improve cybersecurity


The steps taken by the federal government are just starting points, and much work remains to improve the security of IT systems, data and critical infrastructure. Jim Richmann, Study Director of Cybersecurity Research, Institute of Defense Analyses, recently spoke during a GovLoop webinar, Combating the Cyber Landscape. Richmann's presentation focused on how agencies can establish cyber metrics to improve security strategies. Before identifying potential metrics for agencies to adopt, Richmann gave an overview of the foundational elements an agency needs in order to create metrics. He focused on four areas:

Foundational Elements Needed to Create Metrics

Understand Your Cybersecurity Foundation: This foundation consists of hardware and software assets, including routers, switches, physical point-to-point circuits, SANs, management tools, satellite links and wireless hubs.

Know Your Dedicated Defense Assets: These assets are designed only to provide cyber defense. These elements include enterprise virus scanning software, intrusion detection systems, firewalls and PKI.

Identify Your Unique Cyberspace Assets: These assets exist only in cyberspace. Some examples include end-user hardware clients, application servers, web servers, mobile devices, ERP systems, printers, scanners and application software.

Assets that Leverage Cyberspace: These assets utilize cyberspace, but their primary existence and function is in other domains. Some examples include weapons systems, related platforms, support systems and infrastructure.

Potential Metrics

In the presentation, Richmann identified 19 potential metrics for agencies to use, but cautioned that agencies must tailor their metrics to meet their needs. The examples he presented were:

1. Percentage of source traffic covered by foundational cyber defense assets in DMZs
2. Currency of enterprise virus signatures
3. Percentage of client systems that have current enterprise virus signatures
4. Percentage of desktops with automated patching
5. Percentage of desktops with automated integrity checking
6. Volume of traffic blocked at border router (segmented by type)
7. Blocked port scan volume at border router
8. Currency of firmware patches for foundational cyber defense assets
9. Known zero-day exploit exposure (publicly known)
10. Uptime and availability for assets
11. Number of cyber attacks that are detected: viruses, spam, phishing attacks, etc.
12. Assets not patched to current standard
13. Firmware not updated to enterprise standards
14. Assets failing integrity check
15. Non-standard software installations detected
16. Known zero-day exploit exposure (publicly known)
17. Currency of required administrator training
18. Vulnerability scan statistics
19. Source code scan results (where available and applicable)

Cybersecurity is only effective when agencies can baseline and measure success. To do so, agencies must place an emphasis on defining metrics that fit organizational need, and work diligently to identify risks, assess vulnerabilities and create a robust set of metrics to measure success.

          More Cheat Sheets by Davidpol
