IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data (Paperback)

Lance Hayden

  • 出版商: McGraw-Hill Education
  • 出版日期: 2010-07-12
  • 定價: $1,500
  • 售價: 5.0$750
  • 語言: 英文
  • 頁數: 396
  • 裝訂: Paperback
  • ISBN: 0071713409
  • ISBN-13: 9780071713405
  • 相關分類: 資訊安全
  • 立即出貨 (庫存 < 3)

買這商品的人也買了...

商品描述

Implement an Effective Security Metrics Project or Program

IT Security Metrics provides a comprehensive approach to measuring risks, threats, operational activities, and the effectiveness of data protection in your organization. The book explains how to choose and design effective measurement strategies and addresses the data requirements of those strategies. The Security Process Management Framework is introduced and analytical strategies for security metrics data are discussed. You'll learn how to take a security metrics program and adapt it to a variety of organizational contexts to achieve continuous security improvement over time. Real-world examples of security measurement projects are included in this definitive guide.

  • Define security metrics as a manageable amount of usable data
  • Design effective security metrics
  • Understand quantitative and qualitative data, data sources, and collection and normalization methods
  • Implement a programmable approach to security using the Security Process Management Framework
  • Analyze security metrics data using quantitative and qualitative methods
  • Design a security measurement project for operational analysis of security metrics
  • Measure security operations, compliance, cost and value, and people, organizations, and culture
  • Manage groups of security measurement projects using the Security Improvement Program
  • Apply organizational learning methods to security metrics

商品描述(中文翻譯)

實施一個有效的安全度量專案或計畫

《IT安全度量》提供了一種全面的方法來衡量組織中的風險、威脅、運營活動以及數據保護的效果。本書解釋了如何選擇和設計有效的度量策略,並解決了這些策略的數據需求。引入了安全流程管理框架並討論了安全度量數據的分析策略。您將學習如何將安全度量計畫適應於各種組織背景,以實現持續的安全改進。本書還包括了安全度量專案的實際案例,是這方面的權威指南。

以下是本書的主要內容:
- 將安全度量定義為可管理的可用數據量
- 設計有效的安全度量
- 理解定量和定性數據、數據來源以及收集和標準化方法
- 使用安全流程管理框架實施可編程的安全方法
- 使用定量和定性方法分析安全度量數據
- 為安全度量的運營分析設計安全度量專案
- 測量安全運營、合規性、成本和價值,以及人員、組織和文化
- 使用安全改進計畫管理一組安全度量專案
- 將組織學習方法應用於安全度量

以上是這本權威指南中的內容。