Pragmatic security metrics : applying metametrics to information security / W. Krag Brotby and Gary Hinson ; preface by M.E. Kabay

Material type: Text
Publication details: Boca Raton, Fla : CRC Press, c2013.
Description: xviii, 494 p. : ill. ; 24 cm
ISBN:
  • 9781439881521
Other title:
  • Applying metametrics to information security
DDC classification:
  • 658.4/780287 23
LOC classification:
  • HD30.38 .B76 2013
Contents:
Introduction --- Why Measure Information Security? --- The Art and Science of Security Metrics --- Audiences for Security Metrics --- Finding Candidate Metrics --- Metametrics and the PRAGMATIC Approach --- 150+ Example Security Metrics --- Designing PRAGMATIC Security Measurement System --- Advanced Information Security Metrics --- Downsides of Metrics --- Using PRAGMATIC Metrics in Practice --- Case Study --- Conclusions --- Appendix A: PRAGMATIC Criteria --- Appendix B: Business Model of Information Security (BMIS) --- Appendix C: Capability Maturity Model (CMM) --- Appendix D: Example Opinion Survey Form --- Appendix E: SABSA Security Attributes Table --- Appendix F: Prototype Metrics Catalog --- Appendix G: Effect of Weighting the PRAGMATIC Criteria --- Appendix H: ISO27k Maturity Scale Metrics --- Appendix I: Sample Management Survey --- Appendix J: Observer Bias --- Appendix K: Observer Calibration --- Appendix L: Bibliography.
Summary: Covering information security metrics, this book provides practical advice on how to specify, develop, use, and maintain a more meaningful and useful system of metrics. It provides guidance on using metrics to identify problem areas and drive security improvements. With a focus on measurement, the author discusses metrics that support an information security management system that complies with ISO/IEC 27001. The text introduces capability maturity metrics that can be used to measure and drive continuous improvement in information security. It also introduces the PRAGMATIC mnemonic to help practitioners choose better metrics.
Holdings
Item type | Current library | Call number | Status | Date due | Barcode
REGULAR | University of Wollongong in Dubai Main Collection | 658.4780287 BR PR | Available | | T0055181
REGULAR | University of Wollongong in Dubai Main Collection | 658.4780287 BR PR | Available | | T0055182

Includes bibliographical references (p. 483-485) and index.

ISIT937 UOWD
