Information Security Research Library

Powered by


Today, organizations often have several -- often conflicting -- objectives when making security investment decisions. Finding the right balance among these objectives and determining which investment strategy best achieves the desired balance depends on a security metrics program that supports the decision process. Unfortunately, despite the proliferation of automated risk, security information management tools and incident response teams, organizations have terabytes of data that provide limited insight into how they should invest. In order to answer the question "Did we make the right security investment decisions," it is important to explicitly identify the objectives and determine which metrics are needed to support the spending process.

In this presentation, Carnegie Mellon University professor Shawn Butler shows you how to improve your security metrics program by closing the gap between the metrics you need and the metrics you are collecting.


Bitpipe Definitions: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Other

What's Popular at Bitpipe? Daily Top 50 Reports | Daily Top 100 Topics | Popular Report Topics

Information Security Research Library Copyright © 1998-2014 Bitpipe, Inc. All Rights Reserved.

Designated trademarks and brands are the property of their respective owners.

Use of this web site constitutes acceptance of the Bitpipe Terms and Conditions and Privacy Policy.