Cybersecurity Risk Dashboard
Built a board-level cybersecurity metrics dashboard for a $16 billion insurance company, consolidating fragmented security data into actionable executive insights.
The Challenge
The CISO needed to report cybersecurity posture to the board quarterly. The problem: security data lived in 16 different systems with no unified view.
The Ask: One dashboard. 22 metrics. Board-ready visualizations. Quarterly refresh.
The Reality: Data scattered across SIEM, vulnerability scanners, identity management, endpoint protection, email security, and more. No consistent schemas. No data warehouse. No existing ETL.
Solution Architecture
Data Integration Layer
Built a lightweight data integration pipeline connecting 16 source systems:
- Security Tools: Splunk, Qualys, CrowdStrike, Proofpoint, Okta
- IT Systems: ServiceNow, Active Directory, asset management
- External Sources: Threat intelligence feeds, industry benchmarks
Each source required custom extraction logic—APIs where available, database queries where not, manual exports as a last resort.
Metrics Framework
Collaborated with security leadership to define 22 KPIs across five domains:
- Threat Detection: Time-to-detect, alert volume, false positive rate
- Vulnerability Management: Patch compliance, critical vuln aging, scan coverage
- Identity & Access: MFA adoption, privileged account monitoring, access reviews
- Endpoint Security: Agent coverage, encryption compliance, malware incidents
- Security Operations: Incident response times, ticket backlog, training completion
Each metric included:
- Current value with trend indicator
- Target threshold (red/yellow/green)
- Drill-down capability for investigation
- Historical context (quarter-over-quarter)
Visualization Design
Board members have 5 minutes per topic. The dashboard needed to answer:
- Are we secure? (Overall risk score)
- What's changed? (Trending metrics)
- What needs attention? (Red/yellow KPIs)
Design principles:
- Executive summary on first page
- Domain deep-dives on subsequent pages
- No jargon—translate technical metrics to business impact
- Consistent color coding across all visualizations
Technical Implementation
- Platform: Tableau Server with scheduled extracts
- Data Prep: Tableau Prep flows for transformation logic
- Security: Row-level filtering, SSO integration, audit logging
- Distribution: Scheduled PDF exports for board packets
Delivery Challenges
Data Quality
The biggest obstacle wasn't technical—it was data quality. Security tools often had:
- Missing timestamps
- Inconsistent asset identifiers
- Duplicate records
- Gaps in historical data
Solution: Built data quality scorecards so stakeholders understood limitations. "This metric reflects 87% of endpoints" is better than pretending it's 100%.
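A sketch of how such a scorecard can be computed for one metric (encryption compliance), added here as an illustration and not taken from the project's own pipeline. The inventory, the agent export, the field names and the hostname normalization rule are all constructed assumptions.

```python
from datetime import datetime

# Constructed sample data (hypothetical hosts and fields, not from the project).
INVENTORY = ["LAPTOP-001", "laptop-002.corp.example", "SRV-DB-01", "srv-web-02",
             "LAPTOP-003", "laptop-004", "SRV-APP-03", "laptop-005.corp.example"]
AGENT_EXPORT = [
    {"host": "laptop-001.corp.example", "last_seen": "2024-03-30T08:00:00", "encrypted": True},
    {"host": "LAPTOP-001", "last_seen": "2024-03-31T09:15:00", "encrypted": True},  # duplicate
    {"host": "Laptop-002", "last_seen": "2024-03-31T10:00:00", "encrypted": False},
    {"host": "SRV-DB-01", "last_seen": "", "encrypted": True},  # missing timestamp
    {"host": "srv-web-02.corp.example", "last_seen": "2024-03-29T23:59:00", "encrypted": True},
    {"host": "laptop-003", "last_seen": "2024-03-31T12:00:00", "encrypted": True},
    {"host": "LAPTOP-004", "last_seen": "2024-03-28T07:30:00", "encrypted": False},
    {"host": "unknown-kiosk", "last_seen": "2024-03-31T12:00:00", "encrypted": False},  # not in inventory
]

def normalize(host):
    """Assumed rule: hostnames differ only by case and FQDN suffix."""
    return host.strip().lower().split(".")[0]

def scorecard(inventory, records):
    assets = {normalize(h) for h in inventory}
    latest = {}  # asset key -> (last_seen, encrypted), newest record wins
    issues = {"missing_timestamp": 0, "duplicate": 0, "unmatched_asset": 0}
    for rec in records:
        key = normalize(rec["host"])
        if not rec["last_seen"]:
            issues["missing_timestamp"] += 1  # cannot place in the reporting period
            continue
        if key not in assets:
            issues["unmatched_asset"] += 1    # identifier has no inventory match
            continue
        seen = datetime.fromisoformat(rec["last_seen"])
        if key in latest:
            issues["duplicate"] += 1
            if seen <= latest[key][0]:
                continue
        latest[key] = (seen, rec["encrypted"])
    measured = len(latest)
    compliant = sum(1 for _, enc in latest.values() if enc)
    return {"metric_pct": round(100 * compliant / measured, 1) if measured else None,
            "coverage_pct": round(100 * measured / len(assets), 1),
            "issues": issues}

if __name__ == "__main__":
    card = scorecard(INVENTORY, AGENT_EXPORT)
    print(f"Encryption compliance: {card['metric_pct']}% "
          f"(reflects {card['coverage_pct']}% of endpoints); issues: {card['issues']}")
```

The coverage figure is reported next to the metric so that excluded records lower the stated coverage instead of silently skewing the compliance number.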
Stakeholder Alignment
Different teams had different definitions of "incident" and "vulnerability." Spent significant time building consensus on metric definitions before touching any data.
Refresh Cadence
Quarterly board reporting but daily operational needs. Built two versions:
- Board deck: Quarterly refresh, curated narrative
- Operations view: Daily refresh, all metrics, self-service filters
Impact
- Time Savings: 40+ hours per quarter previously spent manually compiling reports
- Visibility: First unified view of security posture across the organization
- Accountability: Clear ownership for each metric domain
- Board Confidence: Consistent, professional reporting elevated security conversations
Lessons Learned
Executive dashboards aren't about showing all the data. They're about telling a story with data. The 22 metrics we chose mattered less than the narrative they enabled.
Security visibility for the boardroom.