Board of Directors Cyber Metrics
The Outcome
A Fortune 500 company's Board of Directors now has fast, high-quality, decision-making abilities with Booz Allen’s metrics framework. Those abilities have driven a refined cyber strategy built on multiyear security maturity targets, within the established risk levels. The Board is informed and empowers security leadership to execute the strategy roadmap to protect the organization and support the overarching growth targets.
The Situation
A Fortune 500 company was recovering from a consequential cyber attack. Its Board members needed to understand what had happened, the company’s future cyber risk, and the resources required to prevent future incidents.
The Approach
Our approach enabled Board members to understand and contextualize the risk as they charted the company’s future. The three layers of metrics—tactical defenses, capability building and modernization, and enterprise risk—allowed the CISO to demonstrate the current risk profile of major business units, the resources that would be required to mitigate those risks, and how the resources and workstreams should be prioritized.
