A proud sponsor of

Frequently Asked Questions

What is Security by the Numbers?

The Security by the Numbers an online resource at developed by a group of security professionals who have come together to help promote the use of better metrics to improve the performance and best practices of information security in enterprises worldwide.


The mission of Security by the Numbers is to identify and promote IT security metrics, standards and practices that empower IT security professionals to identify and execute the most impactful strategies for protecting their organizations from cyberattacks before they strike vital systems and compromise sensitive data.


To accomplish that mission, the Security by the Numbers council has recruited top level executives and thought leaders from corporations, higher education institutions, industry associations, and governmental organizations to help shape and guide a coordinated research and education campaign.


What are the specific objectives of Security by the Numbers? Security by the Numbers has been created to:

  • Establish an online resource where leading business executives and IT security professionals can learn about comparative benchmarks and best practices for measuring and improving IT security practices at .
  • Conduct global research and develop comparative benchmarks to help identify the latest metrics and enable IT security professionals understand where they stand vs. their peers.
  • Publish educational and best practice reports that will help IT Security Professionals advance their careers by understanding latest IT security measurements as well as playbooks to improve security performance.
  • Promote dialogue, networking and collaboration among professionals and their peers.
  • Expand the awareness and need for developing better IT security metrics as a priority business issue not just an information technology issue.


What specific research are you conducting?

Our first research survey is called the Security Measurement Index (SMI).   The SMI is based on internationally accepted standards for security embodied in ISO 27001, as well as best practices from industry experts and professional associations.   It provides security professionals with a comprehensive way to define how well an organization is measuring the effectiveness of IT security.


Taking the survey offers an easy to understand benchmarking tool for judging how an organization’s security measurement practices compare to those at other companies. By providing an evaluation of security measurements from a management perspective though the SMI Survey, Security By The Numbers hopes to encourage the adoption of security management best practices to help make security more effective and ultimately much more efficient.


What are the benefits of participating in surveys offered by Security by the Numbers?

  • Opportunity to lead and shape key issues in information security for a national and potentially international audience
  • Opportunity to improve the overall information security of organizations throughout the world by focusing on the key performance metrics involved
  • Gain knowledge of industry specific benchmarks for security measurement and an opportunity to collaborate with professional peers in helping to provide solutions


How do I learn more about Security by the Numbers?

Visit our website at and take the Security Measurement Index survey as well as sign up to receive the preliminary survey report when it becomes available later this year.