Security Metrics

Security Smarts for the Self-Guided IT Professional"An extraordinarily thorough and sophisticated explanation of why you need to measure the effectiveness of your security program and how to do it. A must-have for any quality security program!" -Dave Cullinane, CISSP, CISO & VP, Global Fraud, Risk & Security, eBayLearn how to communicate the value of an information security program, enable investment planning and decision making, and drive necessary change to improve the security of your organization. Security Metrics: A Beginner's Guide explains, step by step, how to develop and implement a successful security metrics program.This practical resource covers project management, communication, analytics tools, identifying targets, defining objectives, obtaining stakeholder buy-in, metrics automation, data quality, and resourcing. You'll also get details on cloud-based security metrics and process improvement. Templates, checklists, and examples give you the hands-on help you need to get started right away.Security Metrics: A Beginner's Guide features:Lingo --Common security terms defined so that you're in the know on the job
IMHO --Frank and relevant opinions based on the author's years of industry experience
Budget Note --Tips for getting security technologies and processes into your organization's budget
In Actual Practice --Exceptions to the rules of security explained in real-world contexts
Your Plan --Customizable checklists you can use on the job now
Into Action --Tips on how, why, and when to apply new skills and techniques at workCaroline Wong , CISSP, was formerly the Chief of Staff for the Global Information Security Team at eBay, where she built the security metrics program from the ground up. She has been a featured speaker at RSA, ITWeb Summit, Metricon, the Executive Women's Forum, ISC2, and the Information Security Forum.