Metrics are both fashionable and timely: many regulations that affect cybersecurity rely upon metrics – albeit, of the checklist variety in many cases – to ascertain compliance. However, there are far more effective uses of security metrics than external compliance exercises. The most effective use of security metrics is to manage better, which may include:

• Make a business case for needed change
• Focus scarce resources on the most pressing problems (those with the biggest payoff for resolution)
• Help spot problems early – or successes early
• Address “outside” concerns or criticisms fairly and objectively

A successful security metric should:

• Motivate good/correct behavior (not promote evasive tactics just to make the numbers look good)
• Prompt additional questions (“Why? How?”) to understand what is influencing the numbers
• Answer basic questions of goodness (e.g., “Are we doing better or worse?”)
• Be objective and measurable, even if correlation may not...