Defense in Depth is part of the CISO Series network which can be found at CISOSeries.com. What are the most important metrics to measure when building out your security program? One thing we learned on this episode is those metrics change, as your security program matures. This episode of Defense in Depth is co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX), CISO at Mitel. Our guest is my co-host of the other show, Mike Johnson, CISO of Lyft. Fluency's correlation and risk scoring technology combined with their approach of using pseudonyms in place of certain PII data greatly facilitates your organization's path towards compliance. Over time, machine learning and artificial intelligence algorithms detect anomalies at an impressive level of scalability. Run Fluency as a standalone or integrate it into your existing SIEM. Learn more by visiting us at booth #4529 at the RSA® Conference 2019. On this episode of Defense in Depth, you'll learn: There is no golden set of security metrics. Metrics you use to measure your security program this year won't necessarily be the same ones you use next year. Use the NIST model to determine your security program maturity. Unlike B2C, B2B companies can use metrics to build a closer tie between security and the business. Regulations and certifications is one easy way to align security with the business.