IT Security Metrics

Implement an Effective Security Metrics Project or Program

IT Security Metrics provides a comprehensive approach to measuring risks, threats, operational activities, and the effectiveness of data protection in your organization. The book explains how to choose and design effective measurement strategies and addresses the data requirements of those strategies. The Security Process Management Framework is introduced and analytical strategies for security metrics data are discussed. You'll learn how to take a security metrics program and adapt it to a variety of organizational contexts to achieve continuous security improvement over time. Real-world examples of security measurement projects are included in this definitive guide.
Define security metrics as a manageable amount of usable dataDesign effective security metricsUnderstand quantitative and qualitative data, data sources, and collection and normalization methodsImplement a programmable approach to security using the Security Process Management FrameworkAnalyze security metrics data using quantitative and qualitative methodsDesign a security measurement project for operational analysis of security metricsMeasure security operations, compliance, cost and value, and people, organizations, and cultureManage groups of security measurement projects using the Security Improvement ProgramApply organizational learning methods to security metrics