Download PDF IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data, by Lance Hayden
From currently, locating the finished site that markets the completed publications will certainly be numerous, yet we are the trusted site to check out. IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden with simple web link, easy download, and completed book collections become our better services to obtain. You could discover as well as use the perks of choosing this IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden as every little thing you do. Life is consistently establishing as well as you need some brand-new publication IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden to be reference always.
IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data, by Lance Hayden
Download PDF IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data, by Lance Hayden
IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden. Change your behavior to hang or squander the time to only chat with your close friends. It is done by your everyday, do not you really feel tired? Now, we will certainly reveal you the new routine that, actually it's a very old habit to do that can make your life more certified. When feeling bored of consistently chatting with your friends all downtime, you can find guide entitle IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden and afterwards review it.
Also the cost of a book IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden is so affordable; lots of people are truly thrifty to reserve their money to get the publications. The other reasons are that they really feel bad and have no time to visit guide shop to browse the book IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden to read. Well, this is contemporary period; so lots of e-books can be obtained conveniently. As this IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden and more publications, they can be entered extremely quick ways. You will not require to go outdoors to obtain this e-book IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden
By visiting this web page, you have done the best looking point. This is your begin to pick guide IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden that you really want. There are great deals of referred e-books to check out. When you intend to obtain this IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden as your publication reading, you could click the link page to download and install IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden In couple of time, you have actually possessed your referred books as your own.
As a result of this publication IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden is marketed by on the internet, it will relieve you not to publish it. you can obtain the soft documents of this IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden to save money in your computer system, kitchen appliance, and more tools. It depends upon your desire where and where you will read IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden One that you need to consistently keep in mind is that reviewing e-book IT Security Metrics: A Practical Framework For Measuring Security & Protecting Data, By Lance Hayden will endless. You will certainly have ready to check out various other publication after finishing a book, as well as it's continually.
Implement an Effective Security Metrics Project or Program
IT Security Metrics provides a comprehensive approach to measuring risks, threats, operational activities, and the effectiveness of data protection in your organization. The book explains how to choose and design effective measurement strategies and addresses the data requirements of those strategies. The Security Process Management Framework is introduced and analytical strategies for security metrics data are discussed. You'll learn how to take a security metrics program and adapt it to a variety of organizational contexts to achieve continuous security improvement over time. Real-world examples of security measurement projects are included in this definitive guide.
- Define security metrics as a manageable amount of usable data
- Design effective security metrics
- Understand quantitative and qualitative data, data sources, and collection and normalization methods
- Implement a programmable approach to security using the Security Process Management Framework
- Analyze security metrics data using quantitative and qualitative methods
- Design a security measurement project for operational analysis of security metrics
- Measure security operations, compliance, cost and value, and people, organizations, and culture
- Manage groups of security measurement projects using the Security Improvement Program
- Apply organizational learning methods to security metrics
- Sales Rank: #853160 in Books
- Published on: 2010-07-12
- Released on: 2010-06-21
- Original language: English
- Number of items: 1
- Dimensions: 9.10" h x .82" w x 7.30" l, 1.47 pounds
- Binding: Paperback
- 396 pages
About the Author
Lance Hayden, Ph.D., CISSP, CISM, is a Solutions Architect and Information Scientist with Cisco System's World Wide Security Practice where he helps Cisco's customers make informed decisions about their security operations. In addition to his private sector experience, he teaches at the University of Texas and is a former HUMINT officer with the Central Intelligence Agency.
Most helpful customer reviews
22 of 23 people found the following review helpful.
Fresh, compelling take on information security metrics
By Richard Bejtlich
I was not sure what to expect as I started reading IT Security Metrics (ISM). I had just discarded another new book, published in July 2010, supposedly about security metrics but really about nothing useful to anyone anchored in the operational IT world. Would ISM be another disappointment? Since Andrew Jaquith published Security Metrics in 2007, no other book had appeared to help security professionals measure their worlds. Thankfully, I can strongly recommend Lance Hayden's ISM as a very strong contributor to the discussion on security metrics. ISM's subtitle, "A Practical Framework for Measuring Security & Protecting Data," really does explain the purpose and value of this great new book.
One aspect of ISM that made a distinct impression was its justification of qualitative measurement. It's fashionable in the security metrics community to focus almost exclusively on quantitative measurement. This usually means focusing on data that is already in numeric form. One of the primary lessons in ISM is that qualitative data has immense value. The challenge is rendering qualitative data in a form that can be counted. On p 141 Hayden says "the heart of qualitative analytical techniques is the concept of coding, or assigning themes and categories to the data and increasingly specific levels of analysis." Hayden explains how to perform this analysis, as well as how to incorporate other crucial data sources such as process maps and documentation. While I was familiar with this approach I had basically discounted it due to the prevailing mindset in the security metrics community. Now I will try to incorporate qualitative analysis my metrics program.
ISM also succeeds by helping the reader focus on simple yet effective approaches such as Goal - Question - Metric. Many of us jump straight to "metric" and then try to imagine what question the metric is supposed to answer and what goal is served. I also very much appreciated Hayden's focus on information security as a *business process* and not a way to achieve a "state." No one asks "how HR are we today?" like someone might ask "how secure are we today?"
I will conclude my endorsement of ISM by noting that I thought the honest discussion in some case studies was very powerful. For example, in chapter 3 Cisco admitted having 1000 bot victims and a four month period where their network monitoring platform missed traffic, due to SPAN port misconfiguration! You don't usually see that level of detail and "naming names" in security books, so I applaud the authors.
Overall, if you want to introduce a comprehensive security metrics program in your environment, ISM will very skillfully offer one way to accomplish that goal. It's immensely practical and grounded in reality, and it will help you.
9 of 9 people found the following review helpful.
Powerful, practical and actionable
By David J. Elfering
I've been running a security program for over 10 years and once in a while a book or reference comes along that truly helps me in my work.
Lance Hayden's "IT Security Metrics" is one of those. My expectations were not terribly high as I've found most other metrics materials quickly devolve into near academic debate fodder. Thankfully in being able to preview a sample on the Kindle I was sold pretty quickly.
There is a prescriptive quality to the book that makes me stop as I'm reading to make notes and begin working on them. Despite his exhaustive academic background it seems Mr. Hayden also has a very solid real-world experience and blends the two in a way that I do not often see. Therein lays the value of this book in my opinion. Rather than simply telling us how to continue to slog through the daily barrage, or taking a highly ethereal, idealistic high ground position, this book describes in practical terms how we as security practitioners can systematically improve.
More importantly Mr. Hayden puts this improvement process purely in the context of the business we are there to support. Far too often security authors seem indifferent to the business implications of the art that we practice.
If you are looking for an A to Z checklist, this isn't for you. If you are an experienced IT security person then the methods and approach Lance Hayden suggests will take immediate root. It quite simply makes sense. There are some books that I have to force myself to pick up, this is one of those that I have to force myself to put down.
My only suggestion to Mr. Hayden -- turn this into a workshop!
10 of 11 people found the following review helpful.
One of the two best security metrics books
By Dr Anton Chuvakin
There are, as it turns out, more than few books on security metrics, but only this one (and Andrew Jaquith's) are worth reading. This one is actually well-written, insightful AND useful - yes, all three. At times it goes into high concepts and methods (useful to know) and at times it is useful on a pretty much daily basis. If you plan to measure your security, get this book!
IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data, by Lance Hayden PDF
IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data, by Lance Hayden EPub
IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data, by Lance Hayden Doc
IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data, by Lance Hayden iBooks
IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data, by Lance Hayden rtf
IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data, by Lance Hayden Mobipocket
IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data, by Lance Hayden Kindle
Tidak ada komentar:
Posting Komentar