Under the Hood of the IT Security Risk Dashboard: Status Lights Signal Green But Are You Really Safe?
Large amounts of information are stored in management dashboards which the authors rely on for feedback before deciding on what events need to be fixed immediately and what can wait for remediation. Instead of looking for unusual signs and signals indicating risk, the dashboard becomes the system of record by which your decisions are made: it can however give one a false sense of comfort that all is well when it clearly isn't. This paper points out a few of those noises, bumps and oil drips that exist while your security dashboard is all green but signal potential catastrophes on the horizon. It will highlight those areas of significant risk that are often the last to be examined by security management and that are difficult to quantify within reporting systems predicated on defined boundaries and ease of assignment.