Item Details

Pragmatic Security Metrics [electronic resource]: Applying Metametrics to Information Security

W. Krag Brotby and Gary Hinson ; preface by M.E. Kabay
Format
EBook; Book; Online
Published
Boca Raton, Fla : CRC Press, ©2013.
Language
English
Variant Title
Applying metametrics to information security
ISBN
1439881529 (cloth), 9781439881521 (cloth)
Summary
Covering information security metrics, this book provides practical advice on how to specify, develop, use, and maintain a more meaningful and useful system of metrics. It provides guidance on using metrics to identify problem areas and drive security improvements. With a focus on measurement, the author discusses metrics that support an information security management system that complies with ISO/IEC 27001. The text introduces capability maturity metrics that can be used to measure and drive continuous improvement in information security. It also introduces the PRAGMATIC mnemonic to help practitioners choose better metrics.
Contents
  • Introduction
  • Why Measure Information Security?
  • The Art and Science of Security Metrics
  • Audiences for Security Metrics
  • Finding Candidate Metrics
  • Metametrics and the PRAGMATIC Approach
  • 150+ Example Security Metrics
  • Designing PRAGMATIC Security Measurement System
  • Advanced Information Security Metrics
  • Downsides of Metrics
  • Using PRAGMATIC Metrics in Practice
  • Case Study
  • Conclusions
  • Appendix A: PRAGMATIC Criteria
  • Appendix B: Business Model of Information Security (BMIS)
  • Appendix C: Capability Maturity Model (CMM)
  • Appendix D: Example Opinion Survey Form
  • Appendix E: SABSA Security Attributes Table
  • Appendix F: Prototype Metrics Catalog
  • Appendix G: Effect of Weighting the PRAGMATIC Criteria
  • Appendix H: ISO27k Maturity Scale Metrics
  • Appendix I: Sample Management Survey
  • Appendix J: Observer Bias
  • Appendix K: Observer Calibration
  • Appendix L: Bibliography
Description
Mode of access: World Wide Web.
Notes
  • "An Auerbach book."
  • Includes bibliographical references (pages 483-485) and index.
Copyright Not Evaluated
Technical Details
  • LEADER 03177cam a2200433 i 4500
    001 u6404018
    003 SIRSI
    005 20150708061627.0
    006 m d
    007 cr n
    008 130405s2013 flua sb 001 0 eng d
    010 __ a| 2012277208
    020 __ a| 1439881529 (cloth)
    020 __ a| 9781439881521 (cloth)
    035 __ a| (Sirsi) ssj0000905647
    035 __ a| (WaSeSS)ssj0000905647
    040 __ a| CDX b| eng c| CDX d| NEO d| OCLCO d| YDXCP d| CLE d| OCLCQ d| ALAUL d| OCLCQ d| OCLCF d| CRCPR d| OCLCQ d| DLC d| WaSeSS
    042 __ a| lccopycat
    050 00 a| HD30.38 b| .B76 2013
    082 00 a| 658.4/780287 2| 23
    100 1_ a| Brotby, W. Krag.
    245 10 a| Pragmatic security metrics h| [electronic resource] : b| applying metametrics to information security / c| W. Krag Brotby and Gary Hinson ; preface by M.E. Kabay.
    246 30 a| Applying metametrics to information security
    260 __ a| Boca Raton, Fla : b| CRC Press, c| ©2013.
    500 __ a| "An Auerbach book."
    504 __ a| Includes bibliographical references (pages 483-485) and index.
    505 0_ a| Introduction --- Why Measure Information Security? --- The Art and Science of Security Metrics --- Audiences for Security Metrics --- Finding Candidate Metrics --- Metametrics and the PRAGMATIC Approach --- 150+ Example Security Metrics --- Designing PRAGMATIC Security Measurement System --- Advanced Information Security Metrics --- Downsides of Metrics --- Using PRAGMATIC Metrics in Practice --- Case Study ---- Conclusions ---- Appendix A: PRAGMATIC Criteria --- Appendix B: Business Model of Information Security (BMIS) --- Appendix C: Capability Maturity Model (CMM) --- Appendix D: Example Opinion Survey Form --- Appendix E: SABSA Security Attributes Table --- Appendix F: Prototype Metrics Catalog --- Appendix G: Effect of Weighting the PRAGMATIC Criteria --- Appendix H: ISO27k Maturity Scale Metrics --- Appendix I: Sample Management Survey --- Appendix J: Observer Bias --- Appendix K: Observer Calibration --- Appendix L: Bibliography.
    520 __ a| Covering information security metrics, this book provides practical advice on how to specify, develop, use, and maintain a more meaningful and useful system of metrics. It provides guidance on using metrics to identify problem areas and drive security improvements. With a focus on measurement, the author discusses metrics that support an information security management system that complies with ISO/IEC 27001. The text introduces capability maturity metrics that can be used to measure and drive continuous improvement in information security. It also introduces the PRAGMATIC mnemonic to help practitioners choose better metrics.
    538 __ a| Mode of access: World wide Web.
    650 _0 a| Business enterprises x| Computer networks x| Security measures.
    650 _0 a| Computer security.
    650 _0 a| Data protection.
    655 _0 a| Electronic books.
    700 1_ a| Hinson, Gary.
    700 1_ a| Kabay, Michel E.
    710 2_ a| Safari Books Online
    856 40 u| http://RE5QY4SB7X.search.serialssolutions.com/?V=1.0&L=RE5QY4SB7X&S=JCs&C=TC0000905647&T=marc
    596 __ a| 1
    999 __ a| HD30.38 .B76 2013 w| LCPER i| 6404018-1001 l| INTERNET m| UVA-LIB t| INTERNET
