The Metrics Manifesto: Confronting Security with Data

Seiersen, Richard

  • Publisher: Wiley
  • Publication date: 2022-05-10
  • Price: $1,520
  • VIP price: 9.5 $1,444
  • Language: English
  • Pages: 320
  • Binding: Hardcover - also called cloth, retail trade, or trade
  • ISBN: 111951536X
  • ISBN-13: 9781119515364
  • Related category: Information Security
  • Not available for order

Product Description

Security professionals are trained skeptics. They poke and prod at other people's digital creations, expecting them to fail in unexpected ways. Shouldn't that same skeptical power be turned inward? Shouldn't practitioners ask: "How do I know that my enterprise security capabilities work? Are they scaling, accelerating, or slowing as the business exposes more value to more people and through more channels at higher velocities?" This is the start of the modern measurement mindset--the mindset that seeks to confront security with data.

The Metrics Manifesto: Confronting Security with Data delivers an examination of security metrics with R, the popular open-source programming language and software development environment for statistical computing. This insightful and up-to-date guide offers readers a practical focus on applied measurement that can prove or disprove the efficacy of information security measures taken by a firm.

The book's detailed chapters combine topics like security, predictive analytics, and R programming to present an authoritative and innovative approach to security metrics. The author, a security professional, examines historical and modern methods of measurement with a particular emphasis on Bayesian Data Analysis to shed light on measuring security operations.

Readers will learn how processing data with R can help measure security improvements and changes as well as help technology security teams identify and fix gaps in security. The book also includes downloadable code for people who are new to the R programming language.

Perfect for security engineers, risk engineers, IT security managers, CISOs, and data scientists comfortable with a bit of code, The Metrics Manifesto offers readers an invaluable collection of information to help professionals prove the efficacy of security measures within their company.

About the Author

RICHARD SEIERSEN is Chief Risk Officer at Resilience Insurance. He is a technology executive with 20 years of experience in information security and risk management. Seiersen has held CISO roles at Twilio, LendingClub, and GE Healthcare and was Co-Founder of Soluble, which was sold to Lacework in 2021. He's also an active security startup advisor and consulting faculty member with IANS on cybersecurity risk management.
