Chapter 10

Designing Effective Security Dashboards

“Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away.”

Antoine de Saint-Exupéry, Airman's Odyssey

Just when you thought it was safe to leave the comfort of your analytics lab to grab another caffeinated beverage you find yourself in a conversation with one of the security managers and are asked the inevitable and dreaded question, “Can you help us build a security dashboard?” If that sentence did not cause even a flicker of your own fight-or-flight response, you may not truly understand the difficulty of designing succinct, meaningful displays of quantitative information in order to drive some type of action. This chapter presents techniques and advice that will enable you to design dashboards to help measure, monitor, and mobilize every layer of security in your organization.

What Is a Dashboard, Anyway?

It's nigh impossible to discuss the subject of dashboards without quoting the definition of dashboard coined by the “Godfather” of dashboards, Stephen Few:

“A dashboard is a visual display of the most important information needed to achieve one or more objectives that has been consolidated in a single computer screen [or printed page] so it can be monitored at a glance.”

—Stephen Few, Information Dashboard Design

We've added “or printed page” since organizations are still quite fond of paper, and there are special design considerations when including printed output.

We can ...