Security metrics : replacing fear, uncertainty, and doubt /

Security metrics : replacing fear, uncertainty, and doubt /

Saved in:
Bibliographic Details
Author / Creator:Jaquith, Andrew.
Imprint:Upper Saddle River, N.J. : Addison-Wesley, 2007.
Description:1 online resource
Language:English
Subject:
Risk management.
Decision making.
Risk Management
Decision Making
Decision making
Risk management
Format: E-Resource Book
URL for this record:http://pi.lib.uchicago.edu/1001/cat/bib/13592108
Hidden Bibliographic Details
ISBN:9780321349989
0321349989
Digital file characteristics:text file
Notes:Includes bibliographical references and index.
Electronic reproduction. [Place of publication not identified] : HathiTrust Digital Library, 2010.
Master and use copy. Digital master created according to Benchmark for Faithful Digital Reproductions of Monographs and Serials, Version 1. Digital Library Federation, December 2002. http://purl.oclc.org/DLF/benchrepro0212
digitized 2010 HathiTrust Digital Library committed to preserve
Print version record.
Summary:The Definitive Guide to Quantifying, Classifying, and Measuring Enterprise IT Security Operations Security Metrics is the first comprehensive best-practice guide to defining, creating, and utilizing security metrics in the enterprise. Using sample charts, graphics, case studies, and war stories, Yankee Group Security Expert Andrew Jaquith demonstrates exactly how to establish effective metrics based on your organization's unique requirements. You'll discover how to quantify hard-to-measure security activities, compile and analyze all relevant data, identify strengths and weaknesses, set cost-effective priorities for improvement, and craft compelling messages for senior management. Security Metrics successfully bridges management's quantitative viewpoint with the nuts-and-bolts approach typically taken by security professionals. It brings together expert solutions drawn from Jaquith's extensive consulting work in the software, aerospace, and financial services industries, including new metrics presented nowhere else. You'll learn how to: - Replace nonstop crisis response with a systematic approach to security improvement - Understand the differences between "good" and "bad" metrics - Measure coverage and control, vulnerability management, password quality, patch latency, benchmark scoring, and business-adjusted risk - Quantify the effectiveness of security acquisition, implementation, and other program activities - Organize, aggregate, and analyze your data to bring out key insights - Use visualization to understand and communicate security issues more clearly - Capture valuable data from firewalls and antivirus logs, third-party auditor reports, and other resources - Implement balanced scorecards that present compact, holistic views of organizational security effectiveness Whether you're an engineer or consultant responsible for security and reporting to management-or an executive who needs better information for decision-making- Security Metrics is the resource you have been searching for. Andrew Jaquith, program manager for Yankee Group's Security Solutions and Services Decision Service, advises enterprise clients on prioritizing and managing security resources. He also helps security vendors develop product, service, and go-to-market strategies for reaching enterprise customers. He co-founded @stake, Incorporated, a security consulting pioneer acquired by Symantec Corporation in 2004. His application security and metrics research has been featured ...
Other form:Print version: Jaquith, Andrew. Security metrics. Upper Saddle River, NJ : Addison-Wesley, ©2007
Standard no.:9780321349989

MARC

LEADER 00000cam a2200000 a 4500
001 13592108
006 m o d
007 cr unu||||||||
008 070501s2007 nju ob 001 0 eng d
005 20241126151048.3
019 |a 608420375  |a 608923135  |a 1044254639  |a 1056400479  |a 1060867227  |a 1062904449  |a 1074321767  |a 1083236358  |a 1100907398  |a 1103281562  |a 1104445124  |a 1105770885  |a 1112590584  |a 1112955312  |a 1113221062  |a 1129368223 
020 |a 9780321349989  |q (paperback) 
020 |a 0321349989  |q (paperback) 
024 8 |a 9780321349989 
035 9 |a (OCLCCM-CC)123904779 
035 |a (OCoLC)123904779  |z (OCoLC)608420375  |z (OCoLC)608923135  |z (OCoLC)1044254639  |z (OCoLC)1056400479  |z (OCoLC)1060867227  |z (OCoLC)1062904449  |z (OCoLC)1074321767  |z (OCoLC)1083236358  |z (OCoLC)1100907398  |z (OCoLC)1103281562  |z (OCoLC)1104445124  |z (OCoLC)1105770885  |z (OCoLC)1112590584  |z (OCoLC)1112955312  |z (OCoLC)1113221062  |z (OCoLC)1129368223 
037 |a CL0500000009  |b Safari Books Online 
040 |a UMI  |b eng  |e pn  |c UMI  |d TXJ  |d CEF  |d OCLCQ  |d OCLCE  |d DEBSZ  |d OCLCQ  |d OCLCO  |d OCLCQ  |d OCLCF  |d OCLCQ  |d YDX  |d AU@  |d OCLCQ  |d WYU  |d OCLCQ  |d UAB  |d VT2  |d CNCEN  |d OCLCQ  |d OCLCO  |d ERF  |d UKBTH  |d UHL  |d OCLCO  |d OCLCQ  |d OCLCO  |d OCLCL 
042 |a dlr 
049 |a MAIN 
050 4 |a HD61  |b .J37 2007 
100 1 |a Jaquith, Andrew. 
245 1 0 |a Security metrics :  |b replacing fear, uncertainty, and doubt /  |c by Andrew Jaquith. 
260 |a Upper Saddle River, N.J. :  |b Addison-Wesley,  |c 2007. 
300 |a 1 online resource 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
347 |a text file 
504 |a Includes bibliographical references and index. 
505 0 |a Introduction: escaping the hamster wheel of pain -- Defining security metrics -- Diagnosing problems and measuring technical security -- Measuring program effectiveness -- Analysis techniques -- Visualization -- Automating metrics calculations -- Designing security scorecards. 
588 0 |a Print version record. 
533 |a Electronic reproduction.  |b [Place of publication not identified] :  |c HathiTrust Digital Library,  |d 2010.  |5 MiAaHDL 
538 |a Master and use copy. Digital master created according to Benchmark for Faithful Digital Reproductions of Monographs and Serials, Version 1. Digital Library Federation, December 2002.  |u http://purl.oclc.org/DLF/benchrepro0212  |5 MiAaHDL 
583 1 |a digitized  |c 2010  |h HathiTrust Digital Library  |l committed to preserve  |2 pda  |5 MiAaHDL 
520 |a The Definitive Guide to Quantifying, Classifying, and Measuring Enterprise IT Security Operations Security Metrics is the first comprehensive best-practice guide to defining, creating, and utilizing security metrics in the enterprise. Using sample charts, graphics, case studies, and war stories, Yankee Group Security Expert Andrew Jaquith demonstrates exactly how to establish effective metrics based on your organization's unique requirements. You'll discover how to quantify hard-to-measure security activities, compile and analyze all relevant data, identify strengths and weaknesses, set cost-effective priorities for improvement, and craft compelling messages for senior management. Security Metrics successfully bridges management's quantitative viewpoint with the nuts-and-bolts approach typically taken by security professionals. It brings together expert solutions drawn from Jaquith's extensive consulting work in the software, aerospace, and financial services industries, including new metrics presented nowhere else. You'll learn how to: - Replace nonstop crisis response with a systematic approach to security improvement - Understand the differences between "good" and "bad" metrics - Measure coverage and control, vulnerability management, password quality, patch latency, benchmark scoring, and business-adjusted risk - Quantify the effectiveness of security acquisition, implementation, and other program activities - Organize, aggregate, and analyze your data to bring out key insights - Use visualization to understand and communicate security issues more clearly - Capture valuable data from firewalls and antivirus logs, third-party auditor reports, and other resources - Implement balanced scorecards that present compact, holistic views of organizational security effectiveness Whether you're an engineer or consultant responsible for security and reporting to management-or an executive who needs better information for decision-making- Security Metrics is the resource you have been searching for. Andrew Jaquith, program manager for Yankee Group's Security Solutions and Services Decision Service, advises enterprise clients on prioritizing and managing security resources. He also helps security vendors develop product, service, and go-to-market strategies for reaching enterprise customers. He co-founded @stake, Incorporated, a security consulting pioneer acquired by Symantec Corporation in 2004. His application security and metrics research has been featured ... 
542 |f Copyright © 2007 Pearson Education, Incorporated  |g 2007 
542 |f Copyright © 2007 Pearson Education, Inc.  |g 2007 
650 0 |a Risk management.  |0 http://id.loc.gov/authorities/subjects/sh85114200 
650 0 |a Decision making.  |0 http://id.loc.gov/authorities/subjects/sh85036199 
650 2 |a Risk Management  |0 https://id.nlm.nih.gov/mesh/D012308 
650 2 |a Decision Making  |0 https://id.nlm.nih.gov/mesh/D003657 
650 6 |a Gestion du risque. 
650 6 |a Prise de décision. 
650 7 |a risk management.  |2 aat 
650 7 |a decision making.  |2 aat 
650 7 |a Risk management.  |2 blmlsh 
650 7 |a Decision making.  |2 blmlsh 
650 7 |a Decision making  |2 fast 
650 7 |a Risk management  |2 fast 
758 |i has work:  |a Security metrics (Text)  |1 https://id.oclc.org/worldcat/entity/E39PD3kDT4mTjrYQ7KKVM9vxH3  |4 https://id.oclc.org/worldcat/ontology/hasWork 
776 0 8 |i Print version:  |a Jaquith, Andrew.  |t Security metrics.  |d Upper Saddle River, NJ : Addison-Wesley, ©2007  |w (DLC) 2006103239  |w (OCoLC)77573101 
856 4 0 |u https://go.oreilly.com/uchicago/library/view/-/9780321349989/?ar  |y O'Reilly 
929 |a oclccm 
999 f f |s 8efeeffb-4e7d-4a89-87fd-e9713d132ca3  |i 88c399b6-2128-4420-807e-6024a59293d7 
928 |t Library of Congress classification  |a HD61.J37 2007  |l Online  |c UC-FullText  |u https://go.oreilly.com/uchicago/library/view/-/9780321349989/?ar  |z O'Reilly  |g ebooks  |i 13735047 

Similar Items