Security Program Dashboarding
Generate an Initial Security Program Dashboard
Here we discuss the development of your initial security program dashboard. Your dashboard should help you make informed decisions within your environment.
Tips to Build a Security Program Dashboard
Tip #1: Your primary objective with this dashboard is to do one or both items below:
- Have management or stakeholders to understand the status of your environment and assuming accountability for it.
- Present information in a way that supports making informed business decisions.
Tip #2: Focus on the page balance and color palette just as much as the information in your security program dashboard. Make sure your dashboard looks sharp.
Tip #3: Everything you present in this dashboard should be presented in a way that evokes a decision. I like to draft the decision questions I want to be answered before the meeting, and then review the completed dashboard to see if it has the information to help me answer that question.
Tip #4: Avoid jargon. All the dashboard verbiage should be understood by someone that doesn’t understand security.
Tip #5: Make sure that anyone who needs to make a decision is invited to the meeting where the dashboard will be reviewed.
Tip #6: Check the document for typos and make sure the document is clean and organized. A common diversion tactic is to focus on those issues, rather than the decisions you want.
Tip #7: Don’t stress if you don’t get any decisions. Remember tip #1: if you did this right you’re presenting information to management. If they don’t want to make a decision with it, that’s on them now.
Remember, we understand that there might be questions and we are here to support you along the way!