Requirements for Enterprise Security Performance Management

Published On: July 16, 2020

We are delighted to see that someone of Ed Amoroso’s prominent standing in the cybersecurity world has taken an interest in Security Performance Management (SPM). In this short white paper, Ed points out that security assessments are becoming more continuous in nature, rather than remaining point-in-time snapshots. He goes on to describe the variety of actors whose needs must be taken into account in any SPM initiative – it’s not just the security and audit teams! 

Most importantly, Ed provides readers a set of five requirements for any SPM platform, to help guide organizations in selecting the right SPM tool. The five key capabilities are: Workflow, Analysis, Planning, Remediation, and Metrics.

SPM Requirements

One key takeaway is that an SPM solution needs to integrate with the existing security and GRC tooling to deliver optimum workflow automation and speed of decision-making. 

Of course, we think we’ve already built the kind of SPM platform that Ed describes! Integrations with workflow, analytics, and planning tools? Check. Built-in, prioritized remediation recommendations? Absolutely. Metrics, reports, and cost estimates aimed at all stakeholders? Naturally.

SPM is a relatively new product category, and buyers are still just becoming aware of it and how it solves problems with communications, budgeting, and prioritizing. Here at TrustMAPP, we are hard at work educating the marketplace about the power of SPM. Having someone like Ed Amoroso recognize the need for SPM is wonderful news. 

Contact us if you’d like to learn more.

Browse These Topics


boost the protection of your data bridge the gap in your information security challenges build a cyber safe firm business decisions around security Challenges Facing Chief Information Security Officers CISO program efficacy CISO program management cyber security cyber security goals Cybersecurity management Cyber Security Mistakes cybersecurity performance management cyber security platform cyber security team Effective Data Security Measures effectively communicate with board members regarding cyber issues or threats elevate your security confidence elevating information security elevating your information security levels Identify Potential Security Weaknesses Implementing a Comprehensive Cyber Security Plan Implementing Strong Cyber Security Protocols Implementing strong security software protocols improve cyber security protocols Information Security Programs information security protection agency information security risk management information security solutions information security trends managing your information security effectively maturity of your information security and privacy programs measure security levels measure your security proprietary software can help you to protect your company Protect Against Costly Security Breach Protect Customer Data Protect Cyber Network risk management advisor risks of a data breach roadmap to better information security robust security monitoring service successful information security technology advancement top notch security software for your company traveling to high risk countries