NorthSec 2021

Security Metrics That Matter
2021-05-21, 15:15–15:45, Main stream

We measure so that we can improve and report. Reporting is for our bosses and job security. Improvement is for us. As an outnumbered security professional you will never, ever have enough time, money and resources to add every layer of defence you wish you could, which means we need to work smarter. Learn about which metrics truly matter, and which vanity metrics you can learn to safely ignore, so that you can work the most effectively at protecting your organization.


We measure so that we can improve and report. Reporting is for our bosses and job security. Improvement is for us. As an outnumbered security professional you will never, ever have enough time, money and resources to add every layer of defence you wish you could, which means we need to work smarter. Learn about which metrics truly matter, and which vanity metrics you can learn to safely ignore, so that you can work the most effectively at protecting your organization.


Workshops only: Would you like to stream the workshop to an additional (passive) audience? – no Have you given this talk/workshop before? If yes, please provide details and/or slides/video.

I've presented this twice before, but both were paid events and recordings were not made public. I got really great reviews, wohoo! I don't have my slides public but would be happy to send them to you in advance. I also have a case study I can present, but it would take 60 minutes, not 30.

Tanya Janca, also known as SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion and kindness, which shines through in her countless initiatives.

This speaker also appears in: