Secure Metrics: A Beginners Guide

Описание:

Proven and easy-to-use security metrics strategies

Written by developer of eBay’s security metrics program, Security Metrics: A Beginner’s Guide is a must-have tool for any networking or security practitioner looking to optimize an existing security program and demonstrate measurable results. The book assumes real-life scenarios with limited resources and provides straightforward guidance for getting started quickly. Templates, checklists, and examples are provided both in the book and on the companion web site.

This practical guide begins by discussing the objective of measuring security, and addresses the key elements required to develop an effective security metrics program. This is followed by recommendations on how to identify targets for measurement, define key messages for key audiences, and obtain buy-in from stakeholders on measurement goals and timelines. The book describes processes for leveraging metrics for decision-making and driving change in an organization. It concludes with tips from an enterprise practitioner on how to work feedback loops into an effective metrics program for continuous improvement.

Security Metrics: A Beginner’s Guide features:

• Prevention Techniques: Process improvement measures you can take proactively to avoid attacks or vulnerabilities from emerging
• Case Studies: Example scenarios
• Hands-On Practice: Short try-it-yourself exercises that lead you through a series of steps to create a simple program or event
• Ask the Expert: Additional information in a question-and-answer format
• Checklists: A summary at the end of each chapter that lists the important tasks discussed
• Bang for Buck: Highlighted sections that point out how to optimize and leverage existing security processes and technologies to align with budget needs

Practical, in-depth coverage:
Why Measure Security?; Volumes, Bots; Essential Components of an Effective Security Metrics Practitioner; Analytics; Discipline, Commitment, Project Management; Decide What to Measure; Core Competencies; Identify Targets; Define Objectives / Goals; Define Your Priorities; Identify Key Messages for Key Audiences; Obtain Buy-In from Stakeholders and Commit to Timelines; Toolkit; Center for Information Security (CIS) Consensus Metrics Definitions; Case Study and Analysis Technology Samples; Creating the Best Environment for Healthy Metrics; Define a Communications Strategy; Create and Drive an Action Plan—The Importance of Project Management; Lessons Learned from an Enterprise Practitioner; Enhance Process Optimization and Data Quality; Fix Broken Processes Before Automation; Leverage Politics and Competition

Отзывы:

Возможность скачать PDF:

Категории: