-
-
-
BlogInfoSec.com Sponsors
-
-
BlogInfoSec.com Partners
-
Tag Archives: metrics
The Status of Recent Research Concerning Data Breaches and Reputational Risk
September 11, 2008 – 6:00 am
–
Nearly three years ago, Ken Belva wrote a paper intended to be a “starting point for further, positive discussion” regarding the topic of data breaches and reputational risk. The title of the paper also presented Ken’s major theme: “How It’s Difficult to Ruin a…
Crossing the Metrics Rubicon: Quest for the Perfect Measurement
July 18, 2008 – 6:00 am
–
Security metrics represent a great untamed wilderness for organizations trying to determine both their risk profile and the effectiveness of the resources they have allocated to their security program. When I first became a security person after a career managing customer service, finance, and…
Provisioning: Security’s First Step to Measuring Organizational Impact
July 8, 2008 – 6:00 am
–
Security is often accused, occasionally with merit, of being an obstacle to an organization’s business. While the drumbeat of cyber threats has at least raised the technology risk consciousness of many business managers, security professionals still have the challenge of quantifying how big an…
Metrics Revisited – Application Security Metrics
May 12, 2008 – 6:00 am
–
I have recently been giving some thought to, and doing some research into, application security metrics, and I have determined, quite simply, that there aren’t any good ones.
“How ridiculous!” you say, “We have two dozen application security metrics, which we report in…
The OCC and Application Security: Vindication at Last