When presenting to the board on security, which are more impactful: leading indicators or trailing indicators?

750 views3 Comments

Founder/Chairman/CTO in Telecommunication, 201 - 500 employees
Leading indicators versus trailing indicators is the biggest thing in the private space, which is where I have all of my experience at this point, so there's a bit of bias there. But boards are looking for leading indicators. If you're talking about trailing indicators, they're useful in as much as they confirm a thing that you planned to do in the past, so it's attainment to target. For example, let’s say you wanted to implement MFA and have 99% usage across the organization. You slated that for Q1 and hit the target early in terms of proactively rolling forward and hitting these projects on time, on budget and to plan. The more of that stuff you can surface, the better.
Director of IT in Education, 5,001 - 10,000 employees
Leading indicators are more impactful to the board, showing the security measures implemented and the effectiveness, by showing security metrics results. Trailing indicators can show the contrast of security in place currently against the past.
Senior Manager - IT Governance in Healthcare and Biotech, 201 - 500 employees
Both lead and lag indicators serve a purpose...reliance on only one could skew the picture. I believe a balanced approach to be more beneficial...show a bit of both (learn from the past to inform the future, and learn from environmental analysis to inform decisions)

Content you might like


Very good54%


Fair / acceptable9%


Very poor0%



Strongly agree4%




Strongly disagree0%



CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
48.6k views133 Upvotes326 Comments