point in time security assessments or security performance management that is more continuous / automated - which do you prefer ?  Check out this paper by Ed Amoroso - retired ATT Chief Security Officer - founder of TAG Cyber  https://www.tag-cyber.com/analysis/white-papers/requirements-for-security-performance-management

LeadershipSecurity & GRC

I plan to rely on static annual external assessments of security to judge effectiveness71%

I plan to look at security performance management capabilities to assess continuously my security effectiveness28%

252 PARTICIPANTS
1.1k viewscircle icon2 Upvotescircle icon1 Comment
Sort by:
Chief Evangelist in IT Services2 years ago

Unfortunately the link is broken

Lightbulb on1

Content you might like

What is the best work travel advice you’ve ever been given?

Read More Comments

For large-scale transformations, would you consider complementing your technology and process work with consulting focused on leadership alignment, mindset transformation, and accelerating measurable results across teams?

Which of these areas are you targeting for funding increases in your 2026 cybersecurity budget? (Choose all applicable)

Threat detection & response 51%

Identity & access management 60%

Cloud security 47%

Security awareness training 28%

Other 2%

N/A

View Results

At what point do you consider networking to still be a core function of IT, and when does it make sense to hand it off to another team or external provider? What factors do you take into account when deciding whether networking should remain within the IT department or be managed by someone else?

Read More Comments

Which digital contract lifecycle management tool is your organization leveraging?

Agiloft7%

Conga23%

DocuSign CLM (SpringCM)38%

Apttus6%

Ironclad4%

Coupa (Exari)4%

Other (discuss below)16%

View Results