Having security metrics in place is an instrumental step towards building a solid foundation for sustainable success. However, organizations need to continually focus on building upon the foundation, which often requires fine-tuning the approach to ensure ongoing compliance. This is especially true when dealing with multiple business units.\u00a0\n\n\nTrying to keep everyone on the same page can be a constant struggle, regardless of whether you operate as one organization with various departments, or as a holding company with responsibility for multiple autonomous companies. If one of the group suffers a breach, the whole company suffers. Simply put, everyone involved needs to be held accountable.\n\n\nKeep It Simple\n\n\nThe key to success is to keep it simple by focusing on just a few key security indicators. For instance, show how well each unit complies with the company\u2019s policy to patch critical vulnerabilities within four days, high level vulnerabilities within 10 days, and medium level vulnerabilities within 30 days.\u00a0\n\n\nUse a \u201cWall of Fame\u201d\n\n\nAlthough properly structured metrics provide people with the information they need to be successful, most companies require added strategies or incentives to drive action. One way to increase engagement and drive action towards a common goal is to embrace the \u201cwall of fame\u201d concept.\u00a0\n\n\nWhether handled using a simple dashboard format or a PDF that is posted on the company intranet, the wall of fame presents progressive CISOs with a means of graphically demonstrating to the leadership team how well each group is adhering to the company security policies. By using a \u201cwall of fame,\u201d business units can take pride in their contributions towards keeping their organization secure, and progressive CISOs can accomplish their goals.\n\n\nRead more about security metrics that can help you Manage Business Risk, and learn about Assurance Report Cards.