Security Metrics: Replacing Fear, Uncertainty, and Doubt

Description
Comprehensive best-practice guide to defining, creating, and utilising security metrics in organisations. Shows readers current best practices in analyzing security effectiveness.

Program

Security Metrics is a comprehensive best-practice guide to defining, creating, and utilising security metrics in any organisation .



The book shows readers current best practices in analyzing security effectiveness. These best practices are as used by author Andrew Jaquith and other practitioners from leading organisations.
Security Metrics bridges the quantitative viewpoint of security analysis demanded by management and the nuts-and-bolts one typically held by security professionals.


It brings together expert solutions drawn from the author's extensive consulting work in the software, aerospace, and financial services industries, including new metrics presented nowhere else.

Key Features:

• Details how to replace non-stop crisis response with a systematic approach to security improvement.
• Shows the differences between 'good' and 'bad' metrics.
• You will learn how to measure coverage and control, vulnerability management, password quality, patch latency, benchmark scoring, and business-adjusted risk.
• Allows you to gain knowledge of how to quantify the effectiveness of security acquisition, implementation, and other programme activities.
• Details how to organise, aggregate, and analyze your data to bring out key insights.
• Shows how to use visualisation to understand and communicate security issues more clearly.
• Allows you to gain knowledge of how to capture valuable data from firewalls and antivirus logs, third-party auditor reports, and other resources.
• Details how to implement balanced scorecards that present compact, holistic views of organisational security effectiveness.

The book introduces the analytical methods and technique used to create security metrics, complete with numerous sample charts and graphics. It also includes case studies from practitioners that demonstrate how to put metrics to work.

Real-world examples illustrate how important metrics can be to a organisation. Security professionals will learn how to develop metrics on their own. They will also have a much better idea of how effective their current security setup is and what they need to implement to increase this effectiveness.

Authors: Andrew Jaquith
Publisher: Addison-Wesley Professional
ISBN 10: 0321349989
ISBN 13: 9780321349989
Pages: 336
Format: Soft Cover
Published Date: April 2007
Availability: Ex Stock

Security Metrics is a comprehensive best-practice guide to defining, creating, and utilising security metrics in organisations. Order this essential addition to your Information Security library today.