IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data

— —

Lance Hayden

IT Security Metrics

A Practical Framework for Measuring Security & Protecting Data

Lance Hayden

$140.95 $127.24

Paperback

Not in-store but you can order this
How long will it take?

Availability Information

We source books from suppliers in Australia and overseas. For books we don't currently have in stock, the time it takes to get them from our suppliers can vary widely - from a few days to a few months - so we check each book with each supplier to determine the expected time it will take to be supplied to us.

We then advise you accordingly. If the time taken to get any book is too long for you, you can let us know and we will cancel or adjust your order, and refund as required.

To find out the anticipated arrival time for specific items prior to ordering, please contact us by phone or email:

Phone +61 2 9264 3111, or 1800 4 BOOKS (1800 4 26657) if outside Sydney:
option 1 Abbey's Bookshop (Crime, History, Science, Kids & more) • info@abbeys.com.au
option 2 Language Book Centre (ESL & Foreign Languages) • language@abbeys.com.au
option 3 Galaxy Bookshop (Sci-fi, Fantasy, Romance, Graphic Novels) • sf@galaxybooks.com.au

QTY:

English

Osborne/McGraw-Hill
21 June 2010

Network programming; Computer networking & communications

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.

Implement an Effective Security Metrics Project or ProgramIT Security Metrics provides a comprehensive approach to measuring risks, threats, operational activities, and the effectiveness of data protection in your organization. The book explains how to choose and design effective measurement strategies and addresses the data requirements of those strategies. The Security Process Management Framework is introduced and analytical strategies for security metrics data are discussed. You'll learn how to take a security metrics program and adapt it to a variety of organizational contexts to achieve continuous security improvement over time. Real-world examples of security measurement projects are included in this definitive guide.

Define security metrics as a manageable amount of usable data Design effective security metrics Understand quantitative and qualitative data, data sources, and collection and normalization methods Implement a programmable approach to security using the Security Process Management Framework Analyze security metrics data using quantitative and qualitative methods Design a security measurement project for operational analysis of security metrics Measure security operations, compliance, cost and value, and people, organizations, and culture Manage groups of security measurement projects using the Security Improvement Program Apply organizational learning methods to security metrics

By: Lance Hayden
Imprint: Osborne/McGraw-Hill
Country of Publication: United States
Dimensions: Height: 231mm, Width: 185mm, Spine: 21mm
Weight: 644g
ISBN: 9780071713405
ISBN 10: 0071713409
Pages: 396
Publication Date: 21 June 2010
Audience: Professional and scholarly , Undergraduate
Format: Paperback
Publisher's Status: Active

Part I: Introducing Security Metrics; Chapter 1. What is A Security Metric?; Chapter 2. Designing Effective Security Metrics; Chapter 3. Understanding Data; Case Study I: In Search of Enterprise Metrics; Part II: Implementing Security Metrics; Chapter 4. The Security Process Management Framework; Chapter 5. Analyzing Security Metrics Data; Chapter 6. Designing the Security Measurement Project; Case Study II: Normalizing tool data in a security posture assessment; Part III: Exploring Security Measurement Projects; Chapter 7. Measuring Security Operations; Chapter 8. Measuring Compliance and Conformance; Chapter 9. Measuring Security Cost and Value; Chapter 10. Measuring People, Organizations, and Culture; Case Study III: Web Application Vulnerabilities; Part IV: Beyond Security Metrics; Chapter 11. The Security Improvement Program; Chaper 12. Learning Security: Different Context for Security Process Management; Case Study IV: Getting Management Buy-In For a Metrics Program; Index

Lance Hayden, Ph.D., CISSP, CISM, is a Solutions Architect and Information Scientist with Cisco System's World Wide Security Practice where he helps Cisco's customers make informed decisions about their security operations. In addition to his private sector experience, he teaches at the University of Texas and is a former HUMINT officer with the Central Intelligence Agency.