Tag Archives: Security Metrics

Security Metrics and Tesla’s Safety Statistics

– I have long railed against the inadequacy of popular easy-to-record security metrics. They usually lack critical information about the nature and severity of vulnerabilities and are therefore misleading in providing support for decision-making. I addressed this point in my article “Accounting…

Security Metrics, Application Security and Cancer Research

– I would not have thought that there would be a relationship among security metrics, application security and cancer research until I read an article in the Sunday Magazine section of the June 17, 2018 New York Times by Siddhartha Mukherjee with the lengthy title “A way of thinking about cancer…

The Quest for Secure and Resilient Software

– Secure and Resilient Software Development (CRC Press, 2010) by Mark Merkow and Laksh Raghavan is a really good book. It addresses a key security area that is generally given short shrift, even though purportedly more than 70 percent of breaches result from attacks on the application layer. The…

Sandra Bullock and Security Metrics

– In his column in the March 30, 2010 New York Times, with the title “The Sandra Bullock Trade,” David Brooks reports that research has shown that interpersonal relationships are much more important for our wellbeing and happiness than are economic and professional successes. He concludes from…

Lord Kelvin’s New Clothes and Security Metrics

– I have the highest regard for Lord Kelvin. After all, I spent six years studying at the University of Glasgow, which is adjacent to Kelvingrove Park with its imposing statue of Lord Kelvin. I also have high regard for the Scots, despite my being branded (as are all foreigners) a Sassenach, or…