Metrics is a deep subject that can be as simple as “how many viruses did we block” to far more complex like “how is security performing relative to the institution”. Metrics are not equal for all organizations and depend heavily on your current state of development and the level of adoption set forth by the executive and the board. In this session, we will look at information security programs and developing metrics relevant for your current state of maturity. Join us for this round table discussion where we will look at metrics and share lessons learned in order to improve reporting at your institution.


Steve Rosco

Senior Manager of IT Infrastructure, University of British Columbia

Hugh Burley

Manager of Information Security, Thompson Rivers University