Serving U.S. and international private industry clients in
the national security and government markets.
Civitas Group Managing Director and COO Julie Anderson was recently featured in an article where she discussed how Federal agencies can better assess cyber risk with new metrics for performance management. The article was released in Federal Computer Week, a strategy and business management publication for government leaders.
Collecting and scaling data is a key place to start so organizations can understand what the direct threats are – and what some of the vulnerabilities there may be that may not have such a significant impact on a given system, according to Julie Anderson, managing director of Civitas Group.
It comes down to performance management, but not in the traditional sense, Anderson added.
“As it relates to cybersecurity, performance management is about measuring what’s effective and collecting data that can be used to make decisions,” she said. “Measuring success is the hardest part – changing the measurement system from process-oriented to outcome-oriented.”
In the government today, too much emphasis lies in measuring how fixes are implemented rather than if the fixes address the problem, sources said. Instead, more focus should be on outcome-based decisions that help measure what really improves cybersecurity – not measuring how far along an agency is in implementation.
To read the full article, please visit Federal Computer Week.