Category Archives: Security Metrics

Cybersecurity Lessons from the Pandemic: CDC Model and FS/ISAC

– It is very ironic to see that, on August 18, 2021, the CDC (Centers for Disease Control and Prevention) announced the formation of a Center for Forecasting and Outbreak Analysis, see CDC Stands Up New Disease Forecasting Center | CDC Online Newsroom | CDC   I say that because when we…

Cybersecurity Lessons from the Pandemic: Models and Predictions

– There are a number of different types of models—and the output from each must be viewed and used differently depending on the form of the model. First, you have relationships derived from correlations—they show how one variable changes in concert with other variables, but do not claim…

Cybersecurity Lessons from the Pandemic: Metrics and Decision-Making

– We have discussed previously, such as in my May 18, 2020 BlogInfoSec column, some of the more challenging characteristics of data, such as those relating to value and uncertainty, which are generally not given adequate consideration. This is because these types of data may be much more costly and…

Cybersecurity Lessons from the Pandemic: Data – Part 2

– Having discussed issues relating to the collection and reporting of COVID-19 data in Part 1, we now turn to cyberspace, even though the jury is still out regarding much of the pandemic data. Equivalent situations to those described with respect to the pandemic regarding deficiencies in the…

Cybersecurity Lessons from the Pandemic: Data – Part 1

– The collection and reporting of data relating to the coronavirus pandemic and related medical research and practices are in a shambles. For example, a June 7, 2020 article by Jason Slotkin cites several reasons for undercounting cases.[i] One is that testing was impeded by public officials and…