PRAGMATIC Security Metrics: Applying Metametrics to Information Security, 1st Edition

  • W. Krag Brotby
  • Published By: Auerbach Publications
  • ISBN-10: 1439881537
  • ISBN-13: 9781439881538
  • DDC: 658.4
  • Grade Level Range: College Freshman - College Senior
  • 512 Pages | eBook
  • Original Copyright 2013 | Published/Released February 2016
  • This publication's content originally published in print form: 2013


Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics. Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. In addition to its obvious utility in the information security realm, the PRAGMATIC approach, introduced for the first time in this book, has broader application across diverse fields of management including finance, human resources, engineering, and production—in fact any area that suffers a surplus of data but a deficit of useful information.

Table of Contents

Front Cover.
Half Title Page.
Other Frontmatter.
Title Page.
Copyright Page.
Office Memorandum.
1: Why Measure Information Security?.
2: The Art and Science of Security Metrics.
3: Audiences for Security Metrics.
4: Finding Candidate Metrics.
5: Metametrics and the Pragmatic Approach.
6: 150+ Example Security Metrics.
7: Designing Pragmatic Security Measurement System.
8: Advanced Information Security Metrics.
9: Downsides of Metrics.
10: Using Pragmatic Metrics in Practice.
11: Case Study.
12: Conclusions.
Appendix A: Pragmatic Criteria.
Appendix B: Business Model of Information Security (BMIS).
Appendix C: Capability Maturity Model (CMM).
Appendix D: Example Opinion Survey Form.
Appendix E: SABSA Security Attributes Table.
Appendix F: Prototype Metrics Catalog.
Appendix G: Effect of Weighting the Pragmatic Criteria.
Appendix H: ISO27k Maturity Scale Metrics.
Appendix I: Sample Management Survey.
Appendix J: Observer Bias.
Appendix K: Observer Calibration.
Appendix L: Bibliography.