40 Infosec Metrics Organizations Should Track

This article provides a list of key metrics that security teams should track to measure the effectiveness of their information security programs. These metrics are categorized into four main areas to provide a comprehensive view of an organization’s security posture.

The Four Categories of Metrics

1. Metrics for Security Vulnerability and Threat Management

These metrics focus on identifying, prioritizing, and remediating security weaknesses. They help teams understand how quickly they are addressing vulnerabilities and how resilient their systems are to known threats. Examples include:

  • Mean Time to Detect (MTTD): The average time it takes to identify a security incident.
  • Mean Time to Respond (MTTR): The average time it takes to contain and resolve a security incident.
  • Patching Cadence: The frequency of applying security patches to systems.
  • Number of Critical Vulnerabilities: The total count of high-severity vulnerabilities discovered.

2. Metrics for User Access and Identity Management

This category measures the security of user accounts and privileged access. These metrics are vital for preventing insider threats and unauthorized access. Examples include:

  • MFA Adoption Rate: The percentage of users who have enabled Multi-Factor Authentication.
  • Number of Inactive Accounts: The total count of user accounts that are no longer in use but still active.
  • Privileged Account Activity: The frequency and nature of activity from high-privilege accounts.

3. Metrics for Security Awareness and Compliance

These metrics assess the effectiveness of security training and the organization’s adherence to regulatory requirements. Examples include:

  • Phishing Simulation Success Rate: The percentage of employees who fail a simulated phishing test.
  • Compliance Audit Findings: The number of non-compliance issues found during internal or external audits.
  • Security Training Completion Rate: The percentage of employees who have completed mandatory security awareness training.

4. Metrics for Incident Response and Recovery

This final category measures the team’s ability to respond to and recover from a security breach. Examples include:

  • Data Breach Cost: The total financial impact of a security incident.
  • Backup Success Rate: The percentage of backups that are completed successfully.
  • Time to Contain: The time it takes to stop a security incident from spreading.

Tracking these metrics provides a clear, data-driven view of an organization’s security posture, helping leaders make informed decisions and continuously improve their defenses.

About Graylog  
At Graylog, our vision is a secure digital world where organizations of all sizes can effectively guard against cyber threats. We’re committed to turning this vision into reality by providing Threat Detection & Response that sets the standard for excellence. Our cloud-native architecture delivers SIEM, API Security, and Enterprise Log Management solutions that are not just efficient and effective—whether hosted by us, on-premises, or in your cloud—but also deliver a fantastic Analyst Experience at the lowest total cost of ownership. We aim to equip security analysts with the best tools for the job, empowering every organization to stand resilient in the ever-evolving cybersecurity landscape.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, points of sale, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which includes Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

Five Essential Strategies to Combat Phishing Threats

This article outlines five key strategies for organizations to effectively defend against phishing attacks. Phishing remains one of the most common and dangerous cyber threats, and a layered defense is required to protect against it.

The Five Strategies

  • 1. User Education and Training

    The first line of defense is your employees. Regularly train them to recognize phishing attempts, such as suspicious links, unusual sender addresses, and urgent, threatening language. Simulated phishing exercises can help reinforce this knowledge.

  • 2. Multi-Factor Authentication (MFA)

    Implementing MFA is a critical control. Even if an employee’s password is stolen through a phishing attack, MFA prevents attackers from gaining access to the account without a second form of verification.

  • 3. Endpoint Security and Email Filtering

    Use robust endpoint security solutions and advanced email filtering to automatically detect and block malicious emails before they reach an employee’s inbox. This technology can identify and quarantine messages with malicious attachments or links.

  • 4. Data Loss Prevention (DLP)

    DLP tools can prevent sensitive data from being exfiltrated from the network, even if a phishing attack is successful. These tools monitor data in transit and at rest, and can block unauthorized sharing of confidential information.

  • 5. Network Monitoring and Log Management

    Finally, a comprehensive network monitoring and log management system is essential. By collecting and analyzing security logs, you can detect unusual activity—such as a user accessing a system from an unusual location after clicking a phishing link—and respond to the threat in real-time. This provides the visibility needed for a swift incident response.
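The correlation described in strategy 5, written as a small log-analysis rule. This is an added example, not code from the article or from any vendor named on this page; the record layout, the 24-hour window, and the function name `suspicious_logins` are assumptions, and the log entries are constructed.

```python
from datetime import datetime, timedelta

def ts(s):
    return datetime.fromisoformat(s)

def suspicious_logins(clicks, logins, window=timedelta(hours=24)):
    """For each phishing click, return successful logins by the same user
    within `window` after the click from a country never seen for that
    user before the click. Users with no history flag on every login."""
    alerts = []
    for user, clicked_at in clicks:
        mine = [l for l in logins if l["user"] == user and l["ok"]]
        known = {l["country"] for l in mine if l["time"] < clicked_at}
        for l in mine:
            in_window = clicked_at <= l["time"] <= clicked_at + window
            if in_window and l["country"] not in known:
                alerts.append((user, l["country"], l["time"] - clicked_at))
    return alerts

# Constructed sample data (hypothetical users, not real logs).
# Clicks: proxy/mail-gateway events for URLs later classified as phishing.
CLICKS = [("alice", ts("2024-05-01T09:00:00")),
          ("bob",   ts("2024-05-01T10:00:00"))]

# Logins: authentication log entries with a GeoIP-derived country code.
LOGINS = [
    {"user": "alice", "time": ts("2024-04-28T08:30:00"), "country": "HK", "ok": True},
    {"user": "alice", "time": ts("2024-04-30T08:45:00"), "country": "HK", "ok": True},
    {"user": "alice", "time": ts("2024-05-01T09:10:00"), "country": "NL", "ok": False},
    {"user": "alice", "time": ts("2024-05-01T09:20:00"), "country": "NL", "ok": True},
    {"user": "bob",   "time": ts("2024-04-29T09:00:00"), "country": "HK", "ok": True},
    {"user": "bob",   "time": ts("2024-05-01T10:05:00"), "country": "HK", "ok": True},
]

if __name__ == "__main__":
    for user, country, delay in suspicious_logins(CLICKS, LOGINS):
        print(f"ALERT user={user} new_country={country} after_click={delay}")
```

Only the successful login from a previously unseen country is reported; the failed attempt and the login from the user's usual country are not.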

Segura® Welcomes CFO Igor Iuki Murakami to Drive IPO Readiness and International Growth

Segura, a company specializing in continuous application security, has announced the appointment of Igor Iuki Murakami as its new Chief Financial Officer. With a career spanning over 20 years in finance and a strong background in the technology and security sectors, Murakami brings a wealth of experience to the company’s executive team.

A Strategic Addition to Leadership

According to the press release, Murakami’s appointment is a strategic move to support Segura’s rapid growth and market expansion. His experience with financial planning, fundraising, and mergers and acquisitions will be crucial as the company scales its operations and continues to develop its innovative application security solutions. Segura’s CEO emphasized that Murakami’s deep understanding of the industry and his proven track record of helping technology companies grow make him an ideal fit for the role.

Commitment to Growth and Security

The addition of a new CFO signals Segura’s commitment to strengthening its financial and operational leadership. The company aims to accelerate its mission of providing robust application security platforms that help businesses protect their digital assets from an increasingly complex threat landscape. Murakami’s leadership is expected to play a key role in guiding Segura through its next phase of growth while maintaining its focus on innovation and security excellence.

About Segura®
Segura® strives to ensure the sovereignty of companies over actions and privileged information. To this end, we work against data theft through traceability of administrator actions on networks, servers, databases and a multitude of devices. In addition, we pursue compliance with auditing requirements and the most demanding standards, including PCI DSS, Sarbanes-Oxley, ISO 27001 and HIPAA.

Why Next-Generation Firewalls Can’t Detect Stealth DNS Attacks

This article discusses a significant security gap in modern network defenses: the inability of Next-Generation Firewalls (NGFWs) to detect highly evasive DNS-based attacks. While NGFWs are effective against many threats, they are often blind to malicious activity hidden within DNS traffic, leaving a critical vulnerability that cybercriminals are actively exploiting.

The Evasion Tactic: How Attackers Use DNS

Attackers use a technique called DNS tunneling to create a covert communication channel. They encode malicious traffic—such as command-and-control (C2) signals or data exfiltration—within standard DNS queries and responses. Because DNS is an essential part of network communication and is often considered a “trusted” protocol, NGFWs and other security tools frequently allow this traffic to pass through uninspected. This provides a perfect, low-detection pathway for a stealth attack.

Why NGFWs Fall Short

Next-Generation Firewalls excel at inspecting the content of data packets, but they often struggle with DNS traffic for several reasons: they typically only inspect DNS requests, not the full response; they cannot analyze the deep-level content of a query to detect malicious payloads; and they are not designed to identify the behavioral patterns of DNS tunneling, which involves an unusually high volume of DNS requests to a single domain.

Closing the Security Gap

To combat this threat, the article recommends a multi-layered security approach. This includes implementing a dedicated DNS security solution that is designed specifically to analyze DNS queries and responses in real-time. These specialized tools can perform deep packet inspection, apply behavioral analysis to detect DNS tunneling, and block malicious traffic before it reaches the network. By adding a dedicated DNS security layer, organizations can effectively close the gap that NGFWs leave open and create a more resilient defense against advanced cyberattacks.
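A minimal sketch of the behavioral analysis described above, run over DNS query logs. This is an added example, not code from the article or from SafeDNS. Beyond the article's signal of high query volume to a single domain, it also checks how many subdomains are unique and how random they look; the thresholds, the two-label base-domain rule, and the sample log are assumptions.

```python
import hashlib
import math
from collections import Counter, defaultdict

def entropy(s):
    """Shannon entropy of a string in bits per character."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())

def split_name(qname):
    """Return (subdomain, base). Assumption: base = last two labels;
    production code should consult the Public Suffix List instead."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def find_tunnel_candidates(queries, min_queries=20, min_unique=0.9,
                           min_entropy=3.0):
    """Flag (client, base domain) pairs that combine high query volume,
    mostly unique subdomains, and random-looking subdomain labels."""
    seen = defaultdict(list)
    for client, qname in queries:
        sub, base = split_name(qname)
        seen[(client, base)].append(sub)
    flagged = []
    for (client, base), subs in seen.items():
        named = [s for s in subs if s]
        if len(subs) < min_queries or not named:
            continue
        unique_ratio = len(set(named)) / len(subs)
        avg_entropy = sum(entropy(s) for s in named) / len(named)
        if unique_ratio >= min_unique and avg_entropy >= min_entropy:
            flagged.append((client, base, len(subs), round(unique_ratio, 2)))
    return flagged

# Constructed sample log of (client_ip, queried_name); not real traffic.
# 10.0.0.5 repeats two ordinary hostnames; 10.0.0.9 sends 40 queries whose
# subdomains are unique 32-character hex strings, as encoded data would be.
SAMPLE = [("10.0.0.5", "www.shop.example")] * 30
SAMPLE += [("10.0.0.5", "mail.shop.example")] * 10
SAMPLE += [("10.0.0.9",
            hashlib.sha256(str(i).encode()).hexdigest()[:32] + ".exfil.example")
           for i in range(40)]

if __name__ == "__main__":
    for hit in find_tunnel_candidates(SAMPLE):
        print(hit)
```

Both clients send 40 queries to one domain, so volume alone would not separate them; the unique-subdomain ratio and label entropy do.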

About SafeDNS
SafeDNS breathes to make the internet safer for people all over the world with solutions ranging from AI & ML-powered web filtering, cybersecurity to threat intelligence. Moreover, we strive to create the next generation of safer and more affordable web filtering products. Endlessly working to improve our users’ online protection, SafeDNS has also launched an innovative system powered by continuous machine learning and user behavior analytics to detect botnets and malicious websites.
