| 000 | 02789cam a2200361 a 4500 | ||
|---|---|---|---|
| 008 | 130405s2013 flua b 001 0 eng d | ||
| 010 | _a 2012277208 | ||
| 020 | _a9781439881521 | ||
| 035 | _a(OCoLC)ocn829957951 | ||
| 040 |
_aCDX _beng _cCDX _dNEO _dOCLCO _dYDXCP _dCLE _dOCLCQ _dALAUL _dOCLCQ _dOCLCF _dCRCPR _dOCLCQ _dDLC |
||
| 042 | _alccopycat | ||
| 050 | 0 | 0 |
_aHD30.38 _b.B76 2013 |
| 082 | 0 | 0 |
_a658.4/780287 _223 |
| 100 | 1 | _aBrotby, W. Krag | |
| 245 | 1 | 0 |
_aPragmatic security metrics : _bapplying metametrics to information security _cW. Krag Brotby and Gary Hinson ; preface by M.E. Kabay |
| 246 | 3 | 0 | _aApplying metametrics to information security |
| 260 |
_aBoca Raton, Fla : _bCRC Press, _cc2013. |
||
| 300 |
_axviii, 494 p. : _bill. ; _c24 cm. |
||
| 504 | _aIncludes bibliographical references (p. 483-485) and index. | ||
| 505 | 0 | _aIntroduction --- Why Measure Information Security? --- The Art and Science of Security Metrics --- Audiences for Security Metrics --- Finding Candidate Metrics --- Metametrics and the PRAGMATIC Approach --- 150+ Example Security Metrics --- Designing PRAGMATIC Security Measurement System --- Advanced Information Security Metrics --- Downsides of Metrics --- Using PRAGMATIC Metrics in Practice --- Case Study ---- Conclusions ---- Appendix A: PRAGMATIC Criteria --- Appendix B: Business Model of Information Security (BMIS) --- Appendix C: Capability Maturity Model (CMM) --- Appendix D: Example Opinion Survey Form --- Appendix E: SABSA Security Attributes Table --- Appendix F: Prototype Metrics Catalog --- Appendix G: Effect of Weighting the PRAGMATIC Criteria --- Appendix H: ISO27k Maturity Scale Metrics --- Appendix I: Sample Management Survey --- Appendix J: Observer Bias --- Appendix K: Observer Calibration --- Appendix L: Bibliography. | |
| 520 | _aCovering information security metrics, this book provides practical advice on how to specify, develop, use, and maintain a more meaningful and useful system of metrics. It provides guidance on using metrics to identify problem areas and drive security improvements. With a focus on measurement, the author discusses metrics that support an information security management system that complies with ISO/IEC 27001. The text introduces capability maturity metrics that can be used to measure and drive continuous improvement in information security. It also introduces the PRAGMATIC mnemonic to help practitioners choose better metrics. | ||
| 650 | 0 |
_aBusiness enterprises _xComputer networks _xSecurity measures |
|
| 650 | 0 | _aComputer security | |
| 650 | 0 | _aData protection | |
| 700 | 1 | _aHinson, Gary | |
| 700 | 1 | _aKabay, Michel E. | |
| 035 | _a(IMchF)fol15670433 | ||
| 526 | 0 |
_aISIT937 _5UOWD |
|
| 005 | 20170126101241.0 | ||
| 001 | 65144 | ||
| 003 | UOWD | ||
| 942 | _cREGULAR | ||
| 999 |
_c30148 _d30148 |
||