Rating:
(6 reviews)
Author: Lance Hayden
ISBN : 0071713409
New from $18.56
Format: PDF, EPUB
Download electronic versions of selected books Free IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data [Paperback] from mediafire, rapishare, and mirror link
Implement an Effective Security Metrics Project or Program
IT Security Metrics provides a comprehensive approach to measuring risks, threats, operational activities, and the effectiveness of data protection in your organization. The book explains how to choose and design effective measurement strategies and addresses the data requirements of those strategies. The Security Process Management Framework is introduced and analytical strategies for security metrics data are discussed. You'll learn how to take a security metrics program and adapt it to a variety of organizational contexts to achieve continuous security improvement over time. Real-world examples of security measurement projects are included in this definitive guide.
- Define security metrics as a manageable amount of usable data
- Design effective security metrics
- Understand quantitative and qualitative data, data sources, and collection and normalization methods
- Implement a programmable approach to security using the Security Process Management Framework
- Analyze security metrics data using quantitative and qualitative methods
- Design a security measurement project for operational analysis of security metrics
- Measure security operations, compliance, cost and value, and people, organizations, and culture
- Manage groups of security measurement projects using the Security Improvement Program
- Apply organizational learning methods to security metrics
Download latest books on mediafire and other links compilation Free IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data
- Paperback: 396 pages
- Publisher: McGraw-Hill Osborne Media; 1 edition (June 21, 2010)
- Language: English
- ISBN-10: 0071713409
- ISBN-13: 978-0071713405
- Product Dimensions: 9 x 7.3 x 1 inches
- Shipping Weight: 1.4 pounds (View shipping rates and policies)
Free IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data
I was not sure what to expect as I started reading IT Security Metrics (ISM). I had just discarded another new book, published in July 2010, supposedly about security metrics but really about nothing useful to anyone anchored in the operational IT world. Would ISM be another disappointment? Since Andrew Jaquith published Security Metrics in 2007, no other book had appeared to help security professionals measure their worlds. Thankfully, I can strongly recommend Lance Hayden's ISM as a very strong contributor to the discussion on security metrics. ISM's subtitle, "A Practical Framework for Measuring Security & Protecting Data," really does explain the purpose and value of this great new book.
One aspect of ISM that made a distinct impression was its justification of qualitative measurement. It's fashionable in the security metrics community to focus almost exclusively on quantitative measurement. This usually means focusing on data that is already in numeric form. One of the primary lessons in ISM is that qualitative data has immense value. The challenge is rendering qualitative data in a form that can be counted. On p 141 Hayden says "the heart of qualitative analytical techniques is the concept of coding, or assigning themes and categories to the data and increasingly specific levels of analysis." Hayden explains how to perform this analysis, as well as how to incorporate other crucial data sources such as process maps and documentation. While I was familiar with this approach I had basically discounted it due to the prevailing mindset in the security metrics community. Now I will try to incorporate qualitative analysis my metrics program.
ISM also succeeds by helping the reader focus on simple yet effective approaches such as Goal - Question - Metric.
-
Download Link 2