When you’re presented with IT security metrics, your
question is: What does this mean for my business? And
ultimately, what data should I be most concerned with? The
point is, not all data deserves equal protection. A more effective
approach is to understand:
• Which data is most critical (also known as “crown jewels”)?
• Where does that data reside?
• How is it exposed to security risks?
• What potential impact would a security breach to this data
have on your organization?
• What are the appropriate steps to take based on the