03293oam 2200529 450 991081895010332120240214110151.00-429-11156-81-4398-8153-710.1201/b14047(OCoLC)831118565(MiFhGG)GVRL8QAX(EXLCZ)99267000000034160520130405h20132013 uy 0engurun#---uuuuatxtccrPragmatic security metrics applying metametrics to information security /W. Krag Brotby and Gary Hinson ; preface by M.E. Kabay1st editionBoca Raton :CRC Press, Taylor & Francis Group,[2013]�20131 online resource (xviii, 485 pages) illustrationsGale eBooks"An Auerbach book."1-4398-8152-9 Includes bibliographical references.Front Cover; Contents; Foreword; Preface; Acknowledgments; Office Memorandum; Chapter 1 - Introduction; Chapter 2 - Why Measure Information Security?; Chapter 3 - The Art and Science of Security Metrics; Chapter 4 - Audiences for Security Metrics; Chapter 5 - Finding Candidate Metrics; Chapter 6 - Metametrics and the PRAGMATIC Approach; Chapter 7 - 150+ Example Security Metrics; Chapter 8 - Designing PRAGMATIC Security Measurement System; Chapter 9 - Advanced Information Security Metrics; Chapter 10 - Downsides of Metrics; Chapter 11 - Using PRAGMATIC Metrics in PracticeChapter 12 - Case StudyChapter 13 - Conclusions; Appendix A: PRAGMATIC Criteria; Appendix B: Business Model of Information Security (BMIS); Appendix C: Capability Maturity Model (CMM); Appendix D: Example Opinion Survey Form; Appendix E: SABSA Security Attributes Table; Appendix F: Prototype Metrics Catalog; Appendix G: Effect of Weighting the PRAGMATIC Criteria; Appendix H: ISO27k Maturity Scale Metrics; Appendix I: Sample Management Survey; Appendix J: Observer Bias; Appendix K: Observer Calibration; Appendix L: Bibliography; Back CoverOther books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics. Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics) to help: Security professionals systBusiness enterprisesComputer networksSecurity measuresComputer securityData protectionBusiness enterprisesComputer networksSecurity measures.Computer security.Data protection.658.478Brotby W. Krag.862239Hinson GaryKabay Michel E.MiFhGGMiFhGGBOOK9910818950103321Pragmatic security metrics3968374UNINA