Guide
Metrics and Reporting
Create Incident Response Metrics Worth Reporting
Adrian Sanabria, IANS Faculty
The purpose of any metric should first and foremost be to improve the processes they serve to measure. In incident response (IR), speed is key – if you’re not faster than your adversary, there should be a plan to get there. Burnout within the IR and security operations center (SOC) teams is also a common issue that metrics can help track and prevent. This piece explains how to create IR metrics that focus on improvement and are likely to resonate with management, including understanding:
- What IR metrics are not worth focusing on
- What metrics should be prioritized for improvement
- What metrics should be reported to management
- What an ideal response time is
- How to properly resource metrics tracking and production
Complete the form and we'll send a copy of the IR metrics guide to your email.
Request your free content download
We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Policy.