Rating:
Author: Lance Hayden
ISBN : B003WJR5XQ
New from $26.76
Format: PDF
Direct download links available Free IT Security Metrics : A Practical Framework for Measuring Security & Protecting Data [Kindle Edition] for everyone book with Mediafire Link Download Link
Implement an Effective Security Metrics Project or Program IT Security Metrics provides a comprehensive approach to measuring risks, threats, operational activities, and the effectiveness of data protection in your organization. The book explains how to choose and design effective measurement strategies and addresses the data requirements of those strategies. The Security Process Management Framework is introduced and analytical strategies for security metrics data are discussed. You'll learn how to take a security metrics program and adapt it to a variety of organizational contexts to achieve continuous security improvement over time. Real-world examples of security measurement projects are included in this definitive guide. Define security metrics as a manageable amount of usable data Design effective security metrics Understand quantitative and qualitative data, data sources, and collection and normalization methods Implement a programmable approach to security using the Security Process Management Framework Analyze security metrics data using quantitative and qualitative methods Design a security measurement project for operational analysis of security metrics Measure security operations, compliance, cost and value, and people, organizations, and culture Manage groups of security measurement projects using the Security Improvement Program Apply organizational learning methods to security metrics
Direct download links available for Free IT Security Metrics : A Practical Framework for Measuring Security & Protecting Data
- File Size: 10971 KB
- Print Length: 396 pages
- Simultaneous Device Usage: Up to 4 simultaneous devices, per publisher limits
- Publisher: McGraw-Hill; 1 edition (June 21, 2010)
- Sold by: Amazon Digital Services, Inc.
- Language: English
- ASIN: B003WJR5XQ
- Text-to-Speech: Enabled
X-Ray:
- Lending: Not Enabled
- Amazon Best Sellers Rank: #366,745 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
Free IT Security Metrics : A Practical Framework for Measuring Security & Protecting Data
I was not sure what to expect as I started reading IT Security Metrics (ISM). I had just discarded another new book, published in July 2010, supposedly about security metrics but really about nothing useful to anyone anchored in the operational IT world. Would ISM be another disappointment? Since Andrew Jaquith published Security Metrics in 2007, no other book had appeared to help security professionals measure their worlds. Thankfully, I can strongly recommend Lance Hayden's ISM as a very strong contributor to the discussion on security metrics. ISM's subtitle, "A Practical Framework for Measuring Security & Protecting Data," really does explain the purpose and value of this great new book.
One aspect of ISM that made a distinct impression was its justification of qualitative measurement. It's fashionable in the security metrics community to focus almost exclusively on quantitative measurement. This usually means focusing on data that is already in numeric form. One of the primary lessons in ISM is that qualitative data has immense value. The challenge is rendering qualitative data in a form that can be counted. On p 141 Hayden says "the heart of qualitative analytical techniques is the concept of coding, or assigning themes and categories to the data and increasingly specific levels of analysis." Hayden explains how to perform this analysis, as well as how to incorporate other crucial data sources such as process maps and documentation. While I was familiar with this approach I had basically discounted it due to the prevailing mindset in the security metrics community. Now I will try to incorporate qualitative analysis my metrics program.
ISM also succeeds by helping the reader focus on simple yet effective approaches such as Goal - Question - Metric.