Free Downloads
IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data

Implement an Effective Security Metrics Project or Program IT Security Metrics provides a comprehensive approach to measuring risks, threats, operational activities, and the effectiveness of data protection in your organization. The book explains how to choose and design effective measurement strategies and addresses the data requirements of those strategies. The Security Process Management Framework is introduced and analytical strategies for security metrics data are discussed. You'll learn how to take a security metrics program and adapt it to a variety of organizational contexts to achieve continuous security improvement over time. Real-world examples of security measurement projects are included in this definitive guide. Define security metrics as a manageable amount of usable data Design effective security metrics Understand quantitative and qualitative data, data sources, and collection and normalization methods Implement a programmable approach to security using the Security Process Management Framework Analyze security metrics data using quantitative and qualitative methods Design a security measurement project for operational analysis of security metrics Measure security operations, compliance, cost and value, and people, organizations, and culture Manage groups of security measurement projects using the Security Improvement Program Apply organizational learning methods to security metrics

Paperback: 396 pages

Publisher: McGraw-Hill Education; 1 edition (July 12, 2010)

Language: English

ISBN-10: 0071713409

ISBN-13: 978-0071713405

Product Dimensions: 7.3 x 0.8 x 9.1 inches

Shipping Weight: 1.4 pounds (View shipping rates and policies)

Average Customer Review: 4.2 out of 5 stars  See all reviews (11 customer reviews)

Best Sellers Rank: #865,476 in Books (See Top 100 in Books) #46 in Books > Computers & Technology > Web Development & Design > Website Analytics #133 in Books > Computers & Technology > Internet & Social Media > Web Browsers #503 in Books > Computers & Technology > Security & Encryption > Privacy & Online Safety

I was not sure what to expect as I started reading IT Security Metrics (ISM). I had just discarded another new book, published in July 2010, supposedly about security metrics but really about nothing useful to anyone anchored in the operational IT world. Would ISM be another disappointment? Since Andrew Jaquith published Security Metrics in 2007, no other book had appeared to help security professionals measure their worlds. Thankfully, I can strongly recommend Lance Hayden's ISM as a very strong contributor to the discussion on security metrics. ISM's subtitle, "A Practical Framework for Measuring Security & Protecting Data," really does explain the purpose and value of this great new book.One aspect of ISM that made a distinct impression was its justification of qualitative measurement. It's fashionable in the security metrics community to focus almost exclusively on quantitative measurement. This usually means focusing on data that is already in numeric form. One of the primary lessons in ISM is that qualitative data has immense value. The challenge is rendering qualitative data in a form that can be counted. On p 141 Hayden says "the heart of qualitative analytical techniques is the concept of coding, or assigning themes and categories to the data and increasingly specific levels of analysis." Hayden explains how to perform this analysis, as well as how to incorporate other crucial data sources such as process maps and documentation. While I was familiar with this approach I had basically discounted it due to the prevailing mindset in the security metrics community. Now I will try to incorporate qualitative analysis my metrics program.ISM also succeeds by helping the reader focus on simple yet effective approaches such as Goal - Question - Metric.

IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data Measuring Data Quality for Ongoing Improvement: A Data Quality Assessment Framework (The Morgan Kaufmann Series on Business Intelligence) Data Analytics: Practical Data Analysis and Statistical Guide to Transform and Evolve Any Business Leveraging the Power of Data Analytics, Data Science, ... (Hacking Freedom and Data Driven Book 2) Measuring the User Experience, Second Edition: Collecting, Analyzing, and Presenting Usability Metrics (Interactive Technologies) Data Architecture: A Primer for the Data Scientist: Big Data, Data Warehouse and Data Vault Big Data For Beginners: Understanding SMART Big Data, Data Mining & Data Analytics For improved Business Performance, Life Decisions & More! The Data Revolution: Big Data, Open Data, Data Infrastructures and Their Consequences Data Structures in Java: From Abstract Data Types to the Java Collections Framework Ionic Framework: Building mobile apps with Ionic Framework Framework for the Lower Back: A 6-Step Plan for a Healthy Lower Back (FrameWork Active for Life) Library Analytics and Metrics: Using Data to Drive Decisions and Services Home Security: Top 10 Home Security Strategies to Protect Your House and Family Against Criminals and Break-ins (home security monitor, home security system diy, secure home network) A Practical Guide to Measuring Usability: 72 Answers to the Most Common Questions about Quantifying the Usability of Websites and Software Discovering Knowledge in Data: An Introduction to Data Mining (Wiley Series on Methods and Applications in Data Mining) Big Data, MapReduce, Hadoop, and Spark with Python: Master Big Data Analytics and Data Wrangling with MapReduce Fundamentals using Hadoop, Spark, and Python LEARN IN A DAY! DATA WAREHOUSING. Top Links and Resources for Learning Data Warehousing ONLINE and OFFLINE: Use these FREE and PAID resources to Learn Data Warehousing in little to no time Data Just Right: Introduction to Large-Scale Data & Analytics (Addison-Wesley Data and Analytics) An Architectural Framework for Describing Supervisory Control and Data Acquisition (SCADA) Systems Data Structures and the Java Collections Framework Big Data Driven Supply Chain Management: A Framework for Implementing Analytics and Turning Information Into Intelligence (FT Press Analytics)