Tenable Blog

At Tenable, our goal is to help our customers truly secure their IT infrastructure and help them make the most of their investments. Today, we are excited to announce the availability of free on-demand training courses, available to our customers, partners, and the general public. We will also continue to offer instructor-led courses virtually, at Tenable classroom facilities, and at customer and partner locations.

Tenable has released its inaugural Global Cybersecurity Assurance Report Card, with research conducted by the CyberEdge Group. The report takes the responses of over five hundred security professionals from around the world and asks them to grade their organizations’ ability to assess cybersecurity risks and to mitigate threats that can exploit those risks.

Marcus Ranum, a Senior Strategist at Tenable, is a sought-after spokesperson on security metrics. Over the next two weeks, Marcus will share some of his insights in a 5-part video blog series, Establishing Relevant Security Metrics. He will offer advice on creating a security metrics program for your organization and selecting the most important metrics.

The language of security is metrics

In today’s information security departments, no matter what the maturity level, metrics are almost always a deliverable required by upper management to gauge the security posture of the company as well as department progress. What I have seen in my various positions within information security is, often times, these metrics fail to provide real value to their organization. If a security department is running a report out of a tool, they’re really only providing information within the limitations of that tool’s reporting capability.