did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9780071713405

IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data

by
  • ISBN13:

    9780071713405

  • ISBN10:

    0071713409

  • Edition: 1st
  • Format: Paperback
  • Copyright: 2010-07-12
  • Publisher: McGraw-Hill Education
  • Purchase Benefits
List Price: $53.00 Save up to $1.30
  • Buy New
    $51.70
    Add to Cart Free Shipping Icon Free Shipping

    USUALLY SHIPS IN 2-3 BUSINESS DAYS

Supplemental Materials

What is included with this book?

Summary

Implement an Effective Security Metrics Project or ProgramIT Security Metricsprovides a comprehensive approach to measuring risks, threats, operational activities, and the effectiveness of data protection in your organization. The book explains how to choose and design effective measurement strategies and addresses the data requirements of those strategies. The Security Process Management Framework is introduced and analytical strategies for security metrics data are discussed. You'll learn how to take a security metrics program and adapt it to a variety of organizational contexts to achieve continuous security improvement over time. Real-world examples of security measurement projects are included in this definitive guide. Define security metrics as a manageable amount of usable data Design effective security metrics Understand quantitative and qualitative data, data sources, and collection and normalization methods Implement a programmable approach to security using the Security Process Management Framework Analyze security metrics data using quantitative and qualitative methods Design a security measurement project for operational analysis of security metrics Measure security operations, compliance, cost and value, and people, organizations, and culture Manage groups of security measurement projects using the Security Improvement Program Apply organizational learning methods to security metrics

Author Biography

Lance Hayden, Ph.D., CISSP, CISM, is a solutions architect and information scientist with Cisco System’s World Wide Security Practice where he helps Cisco’s customers make informed decisions about their security operations. In addition to his private sector experience, he teaches at the University of Texas and is a former HUMINT officer with the Central Intelligence Agency.

Table of Contents

Part I: Introducing Security Metrics; Chapter 1. What is A Security Metric?; Chapter 2. Designing Effective Security Metrics; Chapter 3. Understanding Data; Case Study I: In Search of Enterprise Metrics; Part II: Implementing Security Metrics; Chapter 4. The Security Process Management Framework; Chapter 5. Analyzing Security Metrics Data; Chapter 6. Designing the Security Measurement Project; Case Study II: Normalizing tool data in a security posture assessment; Part III: Exploring Security Measurement Projects; Chapter 7. Measuring Security Operations; Chapter 8. Measuring Compliance and Conformance; Chapter 9. Measuring Security Cost and Value; Chapter 10. Measuring People, Organizations, and Culture; Case Study III: Web Application Vulnerabilities; Part IV: Beyond Security Metrics; Chapter 11. The Security Improvement Program; Chaper 12. Learning Security: Different Context for Security Process Management; Case Study IV: Getting Management Buy-In For a Metrics Program; Index

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program