Security program management has been recognized as an essential discipline for security leaders at least from  the early 2000s.¹ In the two decades since, some organizations have learned how to measure the effectiveness  of their security programs and use data to improve the way they plan and prioritize investments in people,  processes, and security technologies.

Surprisingly, there is relatively little data available about how security leaders are managing their programs.  What tools are they using? What best security management practices have they developed? How do they align  security activities with business objectives?

To answer those questions and provide a broader understanding of security program management practices  today, Blue Lava commissioned a survey of 268 CISOs, CIOs, and senior security and risk managers. 

Download a summary of the survey highlighting practices and goals for measuring and managing security programs and communicating priorities to executives and boards