COMPLETE GUIDE TO SECURITY AND PRIVACY METRICS
and over 400,000 other books are available for Amazon Kindle – Amazon’s new wireless reading device.
Learn more
| |||||||||||||||
Frequently Bought Together
Customers Who Bought This Item Also Bought
by Andrew Jaquith
|
The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments by Douglas J. Landoll |
by W. Krag Brotby
|
Enterprise Security Architecture: A Business-Driven Approach by John Sherwood |
Information Security Management Handbook, Sixth Edition, Volume 3 by Harold F. Tipton |
Editorial Reviews
Review
This book is a useful reference for individuals who must meet the challenge of selecting good metrics.
—Cheryl Washington, Information Security Officer, California State University, writing in Educause Quarterly
… this book makes a noble effort at surveying the entire landscape of security and privacy metrics. … points out in her introduction a glaring limitation to many books on IT Security: it doesn’t function in a vacuum and must embrace the related domains of physical, personnel and operational security. … table provides and excellent starting point for reading the book and also allows quick identification of the particular sections most relevant to a reader’s interests. Provides valuable directions on how measurement works and what goes into producing a useful metric. … when faced with the necessity of developing a metrics program to measure the effectiveness of some aspect of your security efforts, this rather imposing tome is one I would recommend as a way to jumpstart your efforts. The master table in the introduction provides a quick guide to the particular section most relevant to the reader’s need …
— Richard Austin, in IEEE Cipher, June 2007
—Cheryl Washington, Information Security Officer, California State University, writing in Educause Quarterly
… this book makes a noble effort at surveying the entire landscape of security and privacy metrics. … points out in her introduction a glaring limitation to many books on IT Security: it doesn’t function in a vacuum and must embrace the related domains of physical, personnel and operational security. … table provides and excellent starting point for reading the book and also allows quick identification of the particular sections most relevant to a reader’s interests. Provides valuable directions on how measurement works and what goes into producing a useful metric. … when faced with the necessity of developing a metrics program to measure the effectiveness of some aspect of your security efforts, this rather imposing tome is one I would recommend as a way to jumpstart your efforts. The master table in the introduction provides a quick guide to the particular section most relevant to the reader’s need …
— Richard Austin, in IEEE Cipher, June 2007
Product Description
While it has become increasingly apparent that individuals and organizations need a security metrics program, it has been exceedingly difficult to define exactly what that means in a given situation. There are hundreds of metrics to choose from and an organization’s mission, industry, and size will affect the nature and scope of the task as well as the metrics and combinations of metrics appropriate to accomplish it. Finding the correct formula for a specific scenario calls for a clear concise guide with which to navigate this sea of information.
Complete Guide to Security and Privacy Metrics: Measuring Regulatory Compliance, Operational Resilience, and ROI defines more than 900 ready to use metrics that measure compliance, resiliency, and return on investment. The author explains what needs to be measured, why and how to measure it, and how to tie security and privacy metrics to business goals and objectives. The book addresses measuring compliance with current legislation, regulations, and standards in the US, EC, and Canada including Sarbanes-Oxley, HIPAA, and the Data Protection Act-UK. The metrics covered are scaled by information sensitivity, asset criticality, and risk, and aligned to correspond with different lateral and hierarchical functions within an organization. They are flexible in terms of measurement boundaries and can be implemented individually or in combination to assess a single security control, system, network, region, or the entire enterprise at any point in the security engineering lifecycle. The text includes numerous examples and sample reports to illustrate these concepts and stresses a complete assessment by evaluating the interaction and interdependence between physical, personnel, IT, and operational security controls.
Bringing a wealth of complex information into comprehensible focus, this book is ideal for corporate officers, security managers, internal and independent auditors, and system developers and integrators.
Product Details
Would you like to update product info or give feedback on images?
|
More About the Author
Discover books, learn about writers, read author blogs, and more.
› Visit Amazon's Debra S. Herrmann Page
› Visit Amazon's Debra S. Herrmann Page
Inside This Book
(learn more)
Key Phrases - Statistically Improbable Phrases (SIPs):
(learn more)
security impact analysis, operational security controls, privacy impact analysis, likely useful life span, electronic security perimeter, cyber security standards, privacy metrics, asset criticality, critical cyber assets, business partner confidence, data subject records, operational control flows, sustaining that goal, residual information protection, loss event profile, annual tangible benefits, personnel security controls, definite insiders, design structure complexity, likely payback period, physical access rights, risk mitigation allocation, security management roles, threat being instantiated, resilience metrics Key Phrases - Capitalized Phrases (CAPs): (learn more)
United States, Patriot Act, Privacy Act, Data Protection Act, Privacy Guidelines, Security Guidelines, Data Integrity Board, Privacy Commissioner, Sarbanes-Oxley Act, Data Protection Directive, Attorney General, Federal Register, Personal Health Information Act, Supervisory Authority, Public Law, Definition Value Value Interpretation, Metric Target Observed, Black's Law, United Kingdom, Common Criteria, Department of Homeland Security, Homeland Security Presidential Directives, Use Limitation, Data Protection Commissioner, Federal Information Security Management Act New!
Books on Related Topics | Concordance | Text Stats Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Back Cover | Surprise Me!
security impact analysis, operational security controls, privacy impact analysis, likely useful life span, electronic security perimeter, cyber security standards, privacy metrics, asset criticality, critical cyber assets, business partner confidence, data subject records, operational control flows, sustaining that goal, residual information protection, loss event profile, annual tangible benefits, personnel security controls, definite insiders, design structure complexity, likely payback period, physical access rights, risk mitigation allocation, security management roles, threat being instantiated, resilience metrics Key Phrases - Capitalized Phrases (CAPs): (learn more)
United States, Patriot Act, Privacy Act, Data Protection Act, Privacy Guidelines, Security Guidelines, Data Integrity Board, Privacy Commissioner, Sarbanes-Oxley Act, Data Protection Directive, Attorney General, Federal Register, Personal Health Information Act, Supervisory Authority, Public Law, Definition Value Value Interpretation, Metric Target Observed, Black's Law, United Kingdom, Common Criteria, Department of Homeland Security, Homeland Security Presidential Directives, Use Limitation, Data Protection Commissioner, Federal Information Security Management Act New!
Books on Related Topics | Concordance | Text Stats Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Back Cover | Surprise Me!
What Do Customers Ultimately Buy After Viewing This Item?
 |
59% buy the item featured on this page: Complete Guide to Security and Privacy Metrics: Measuring Regulatory Compliance, Operational Resilience, and ROI $99.96 |
 |
20% buy Security Metrics: Replacing Fear, Uncertainty, and Doubt $34.64 |
 |
8% buy Information Security Management Metrics: A Definitive Guide to Effective Security Monitoring and Measurement$53.96 |
 |
8% buy Applied Security Visualization $32.99 |
Tags Customers Associate with This Product(What's this?)Click on a tag to find related items, discussions, and people.
|
Customer Reviews
|
Share your thoughts with other customers:
|
||||||||||||||||||||||
Most Helpful Customer Reviews
Share your thoughts with other customers: Create your own review
|
 |
Customer Discussions
|
This product's forum
Active discussions in related forums
Search Customer Discussions
|
Listmania!
|
|
So You'd Like to...
Product Information from the Amapedia Community
Beta (What's this?)Be the first person to add an article about this item at Amapedia.com.
› See featured Amapedia.com articles
Look for Similar Items by Category
- Books > Business & Investing > Economics > Natural Resources
- Books > Business & Investing > Industries & Professions > Insurance > Risk Management
- Books > Business & Investing > Management & Leadership
- Books > Business & Investing > Reference
- Books > Computers & Internet > Business & Culture > Manager's Guides to Computing
- Books > Computers & Internet > Business & Culture > Privacy
- Books > Computers & Internet > Certification Central > Exams > Security+
- Books > Computers & Internet > Computer Science > Software Engineering > Information Systems
- Books > Computers & Internet > Web Development > Security & Encryption > Encryption
- Books > Professional & Technical > Engineering > Civil > Construction
Look for Similar Items by Subject
Your Recent History
(What's this?)|
After viewing product detail pages or search results, look here to find an easy way to navigate back to pages you are interested in. |
