Question

A security technician receives a copy of a report that was originally sent to the board of directors by the Chief Information Security Officer (CISO). The report outlines the following KPI/KRI data for the last 12 months. Which of the following BEST describes what could be interpreted from the above data?

a. AV coverage across the fleet improved.
b. There is no correlation between infected systems and AV coverage
c There is no correlation between detected phishing attempts and infected systems.
d. A correlation between threat landscape rating and infected systems appears to exist
e. Effectiveness and performance of the security team appears to be degrading

Answer 1

Without specific details from the report, we cannot accurately interpret the KPI/KRI data. However, the study by Bruno & Abrahão indicates that increased cognitive load can affect security incident identification, potentially making the security team seem less effective. none of the given option is correct.

Step-by-step explanation:

The question is centered on interpreting KPI/KRI data from a report that outlines the security health of an organization over the last 12 months. Without the actual data provided in the report, it's impossible to definitively answer which statement best describes the interpretation of the data. However, the research by Bruno & Abrahão (2012) suggests that increased cognitive demands can lead to more mistakes in identifying incidents, which may mean an increase in false positives but not in false negatives.

This is relevant to interpreting such a security report, as it could affect the effectiveness of the security team, and consequently, the overall security posture may appear to be degrading if this factor is not controlled or compensated for.