Security Metrics Paper

Words: 961
Pages: 4
Open Document
effectively communicate result from their security metrics to stakeholders.
Reporting
According to Coelho (2007), a threat is any event that, if realized, can cause damage to a system and create a loss of confidentiality, availability, or integrity. The goal of any security program is to mitigate the risk posed by a threat and understand what risk level an organization can tolerate. Risk and security metrics should be designed to control risk level and prevent future threats. An example of a security metric is the False Positive Reporting Rate (FPRR), a reporting metric that provides indicators of compromise before management escalates resources and efforts in the response team (Linkov, 2013), it shows patch latency and how efficiently security …show more content…
Business leaders use return-on-investment (ROI) to understand whether security controls are effective. This requires that managers know the risk before and after the implementation of security measures, and the remaining value of organization's assets will influence how security manager convince stakeholders about his or her proposal. Ryan and Ryan (2008) explains how one should analyze risk and threat: Risk analysis and risk management ought to be based on quantitative performance metrics that inform cost-benefit analyses and return-on-investment (ROI) calculations, thereby enabling defensible management decisions concerning information security. Chief Information Security Officer can show accountability and receive top-management support by offering the CEO, CFO, and board of director visibility into the spending process by showcasing the percentage of strategic IT security projects completed on time and on budget. This ensures that security program aligns with business and organizational strategy, while delivering ever-increasing values to the executive …show more content…
Ryan and Ryan (2008) suggests that security incidents are multifaceted problems, a correlation relationship serves between metrics and security incidents. For example, a metric that collects the number of outgoing unprotected emails sent out by employees from Data Loss Prevent (DLS) can be analyzed in several ways. First, an unacceptably large number of outgoing traffic on a sustainable daily basis could indicate the lack of education in handling customer confidential information. Second, manager can confirm the presumption that employees need more trainings through security awareness metrics. Third, employee's misconduct may contribute to only part of the incident, a back-end problem could also lead to transmitting unencrypted data. Formal and regular examination of whether metrics indicate progress towards each objective and whether additional measurements needed for each metric. By utilizing all of the resources available without affecting business operations. Security effectiveness is measured by different framework, rather than a list of
Show More

Related Documents: Security Metrics Paper

Supply Chain Design-Riordan Manufacturing Paper

will depend on the strategy to have the best end result. Understanding the strategies and how they are used can help the manufacturing process. Riordan manufacturing is a Fortune 1000 organization which produces multiple products, throughout this paper Team C will explain Riordan’s manufacturing strategy and the details that go into a manufacturing strategy. Riordan’s Manufacturing Strategy There are three different types of manufacturing strategies that an organization can utilize, which include…

Words 1372 - Pages 6

Home: Management and Information Technology Management Essay

Management Behavior Group Project Logistics Papers should be 20-25 pages in length, double-spaced using a 12-point, Times New Roman font. In terms of page setup, 1 inch margins are to be used. In terms of citations and references, I was not too particular, but recent experience has made clear that proper citation and reference work is critical. I will accept MLA, APA or Chicago School styles, but each paper can only use one of these styles (in other words, papers that make use of different styles will…

Words 453 - Pages 2

Essay on Mcdonald's Risk

In 2008, the Company expects to issue commercial paper and long-term debt in order to refinance maturing debt and finance a portion of the Company’s previously disclosed expectation to return $15 billion to $17 billion to shareholders. Debt maturing in 2008 includes approximately $1.8 billion of outstanding…

Words 1254 - Pages 6

History Of Information System

BIOMETRICS BY: WILLIAM C. NEWTON SECR 5080 INFORMATION SYSTEMS SECURITY TABLE OF CONTENTS 1. TITLE PAGE………………………………………………………………………1 2. TABLE OF CONTENTS………………………………………………………….2 3. ABSTRACT………………………………………………………………………..3 4. HISTORY…………………………………………………………………………..4 5. TYPES OF BIOMETRICS………………………………………………………….6 6. FACIAL RECOGNITION…………………………………………………………..7 7. RETNA SCANNER………………………………………………………………….8 8. FINGERPRINT……………………………………………………………………….9 9. HANDPRINT…………………………………………………………………………9…

Words 2337 - Pages 10

Riordan Manufacturing Essay

Riordan Manufacturing Executive Summary ABCO Consulting thanks the Riordan organization for allowing us to do this upgrade analysis. A review of the existing infrastructure at Riordan has been completed and the findings are contained in this document. There will be a listing of what was found followed by a proposed upgrade system layout. The scope of this project is to cover the following systems and subsystems and to explain how they all interact one with another. Finance & Accounting…

Words 1969 - Pages 8

Operations Management Principles Essay

Abstract: This paper will present a white paper document for the XYZ Venture Capital Group advising where they might make a significant investment. The XYZ Venture Capital Group has no particular preference between a service and manufacturing profit group. ABC Consulting Group has decided to focus this white paper on the home movie – rental industry. The two companies highlighted in this industry are Knology Cable and Netflix. Introduction: Home Movie and Rental Industry…

Words 2595 - Pages 11

Financial Statement Analysis Case Alex Essays

miscalculations, external events, or otherwise. The most common liquidity ratios to look at are the; Current ratios, Quick ratios and Operating Cash Flow ratios, however the cash conversion ratios of A/R Turnover and Fixed Asset Turnover are also important metrics to consider because it helps show how effectively the companies are in turning their inventory into cash. In respect to EBAY and ORCL, ORCL again appears to be better positioned in regards to their liquidity. ORCL has a better Current Ratio & Cash…

Words 2572 - Pages 11

A Brief Note On Value Alignment

is a direct correlation between the way corporations conduct “good” business today and societal principles, values, and “good” beliefs in which we were taught in familial upbringings such as integrity, respect, honesty, trust, and loyalty. In this paper, Team B will confer the correlation between our personal and workplace values. We will analyze the alignment between those personal values, actions, and behaviors of individuals and that of organizations as well, namely, Bank of America. Lastly,…

Words 2077 - Pages 9

Essay on BSA385 Syllabus

Learning Team Toolkit Complete the Learning Team Charter. Support Material • Learning Team Charter • Read Me First Instructions • Read the course Read Me First. Support Material • Read Me First • Learning Team Instructions: Final Software Engineering Paper and Presentation Instructions • Background: Smith Consulting has received some feedback and concerns that their processes and procedures are not sufficiently documented. This lack of professional documentation has caused some loss of potential contracts…

Words 2781 - Pages 12

Essay on Biometrics and the future

passwords to fall into the wrong hands, and what was intended to be a security measure can become the tool of fraud or identity theft. The time for a more secure form of identification is upon us. A potential solution can be seen in the form of biometric identification. To understand the benefits of biometric identification one must understand the concept of biometrics. By combining the Greek words “bio”, which stands for “life”, and “metrics”, which stands for “measure”, a person can produce the term “biometrics”…

Words 1992 - Pages 8