This resource is no longer available

Metrics for Security Investment Decisions: Are You Collecting the Right Data?

Cover
Today, organizations often have several -- often conflicting -- objectives when making security investment decisions. Finding the right balance among these objectives and determining which investment strategy best achieves the desired balance depends on a security metrics program that supports the decision process. Unfortunately, despite the proliferation of automated risk, security information management tools and incident response teams, organizations have terabytes of data that provide limited insight into how they should invest. In order to answer the question "Did we make the right security investment decisions," it is important to explicitly identify the objectives and determine which metrics are needed to support the spending process.

In this presentation, Carnegie Mellon University professor Shawn Butler shows you how to improve your security metrics program by closing the gap between the metrics you need and the metrics you are collecting.

Author

Shawn Butler cyLab's Risk Management Interest Group
Vendor:
Information Security Decisions sponsored by Scentric, Inc.
Posted:
17 Oct 2006
Published
17 Oct 2006
Format:
PDF
Length:
25  Page(s)
Type:
Presentation
Language:
English

This resource is no longer available.