- Paperback: 396 pages
- Publisher: McGraw-Hill Education; 1 edition (July 12, 2010)
- Language: English
- ISBN-10: 0071713409
- ISBN-13: 978-0071713405
- Product Dimensions: 7.5 x 0.8 x 9.1 inches
- Shipping Weight: 1.4 pounds
- Average Customer Review: 14 customer reviews
- Amazon Best Sellers Rank: #863,244 in Books
IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data 1st Edition
About the Author
Lance Hayden, Ph.D., CISSP, CISM, is a Solutions Architect and Information Scientist with Cisco Systems' World Wide Security Practice, where he helps Cisco's customers make informed decisions about their security operations. In addition to his private sector experience, he teaches at the University of Texas and is a former HUMINT officer with the Central Intelligence Agency.
Top customer reviews
Lance Hayden's "IT Security Metrics" is one of those. My expectations were not terribly high as I've found most other metrics materials quickly devolve into near academic debate fodder. Thankfully in being able to preview a sample on the Kindle I was sold pretty quickly.
There is a prescriptive quality to the book that makes me stop as I'm reading to make notes and begin working on them. Despite his exhaustive academic background, it seems Mr. Hayden also has very solid real-world experience and blends the two in a way that I do not often see. Therein lies the value of this book in my opinion. Rather than simply telling us how to continue to slog through the daily barrage, or taking a highly ethereal, idealistic high ground position, this book describes in practical terms how we as security practitioners can systematically improve.
More importantly Mr. Hayden puts this improvement process purely in the context of the business we are there to support. Far too often security authors seem indifferent to the business implications of the art that we practice.
If you are looking for an A to Z checklist, this isn't for you. If you are an experienced IT security person then the methods and approach Lance Hayden suggests will take immediate root. It quite simply makes sense. There are some books that I have to force myself to pick up; this is one of those that I have to force myself to put down.
My only suggestion to Mr. Hayden -- turn this into a workshop!
It stands the test of time and is still used and re-read for sections when needed professionally.
It delivers as promised.
If IT managers accept that they are there to assist business decisions and help to identify risk and business continuity issues instead of just claiming more money and support, it will be much easier to achieve good metrics.