PRAGMATIC Security Metrics : Applying Metametrics to Information Security - W. Krag Brotby

PRAGMATIC Security Metrics

Applying Metametrics to Information Security

By: W. Krag Brotby, Gary Hinson

Hardcover | 8 January 2013 | Edition Number 1

At a Glance

Hardcover


Limited Stock Available

RRP $252.00

$38.90

85%OFF

or 4 interest-free payments of $9.72 with

In Stock and Aims to ship next day

Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, PRAGMATIC Security Metrics: Applying Metametrics to Information Security breaks the mold. This is the ultimate how-to-do-it guide for security metrics.

Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics) to help:

  • Security professionals systematically improve information security, demonstrate the value they are adding, and gain management support for the things that need to be done
  • Management address previously unsolvable problems rationally, making critical decisions such as resource allocation and prioritization of security relative to other business activities
  • Stakeholders, both within and outside the organization, be assured that information security is being competently managed

The PRAGMATIC approach lets you hone in on your problem areas and identify the few metrics that will generate real business value. The book:

  • Helps you figure out exactly what needs to be measured, how to measure it, and most importantly, why it needs to be measured
  • Scores and ranks more than 150 candidate security metrics to demonstrate the value of the PRAGMATIC method
  • Highlights security metrics that are widely used and recommended, yet turn out to be rather poor in practice
  • Describes innovative and flexible measurement approaches such as capability maturity metrics with continuous scales
  • Explains how to minimize both measurement and security risks using complementary metrics for greater assurance in critical areas such as governance and compliance

In addition to its obvious utility in the information security realm, the PRAGMATIC approach, introduced for the first time in this book, has broader application across diverse fields of management including finance, human resources, engineering, and production-in fact any area that suffers a surplus of data but a deficit of useful information.

Visit Security Metametrics. Security Metametrics supports the global community of professionals adopting the innovative techniques laid out in PRAGMATIC Security Metrics. If you, too, are struggling to make much sense of security metrics, or searching for better metrics to manage and improve information security, Security Metametrics is the place.http://securitymetametrics.com/

Industry Reviews

Like all books on metrics, PRAGMATIC Security Metrics: Applying Metametrics to Information Security makes the statement that "you can't manage what you can't measure". The authors claim that other books on information security metrics discuss number theory and statistics in academic terms. This title promises to be light on mathematics and heavy on utility and is meant as a how-to-do-it guide for security metrics.

As to the title, PRAGMATIC is an acronym for the basis of the method of the book, in using metrics that are predictive, relevant, actionable, genuine, meaningful, timely, independent and cost. After reading the first chapter, PRAGMATIC Security Metrics: Applying Metametrics to Information Security looks like it may live up to its promise of being able to use metrics not only to track and report performance but to identify problem areas and opportunities, and drive information security improvements. If so, this could be the metrics book a lot of information security professionals have been waiting for.
-Ben Rothke, CISSP, CISM, Information Security Manager, Wyndham Worldwide; and author of Computer Security: 20 Things Every Employee Should Know, writing on the RSA Conference Blog, www.rsaconference.com


Like all books on metrics, PRAGMATIC Security Metrics: Applying Metametrics to Information Security makes the statement that "you can't manage what you can't measure". The authors claim that other books on information security metrics discuss number theory and statistics in academic terms. This title promises to be light on mathematics and heavy on utility and is meant as a how-to-do-it guide for security metrics.

As to the title, PRAGMATIC is an acronym for the basis of the method of the book, in using metrics that are predictive, relevant, actionable, genuine, meaningful, timely, independent and cost. After reading the first chapter, PRAGMATIC Security Metrics: Applying Metametrics to Information Security looks like it may live up to its promise of being able to use metrics not only to track and report performance but to identify problem areas and opportunities, and drive information security improvements. If so, this could be the metrics book a lot of information security professionals have been waiting for.
-Ben Rothke, CISSP, CISM, Information Security Manager, Wyndham Worldwide; and author of Computer Security: 20 Things Every Employee Should Know, writing on the RSA Conference Blog, www.rsaconference.com

More in Management & Management Techniques

Principles : Life and Work - Ray Dalio

RRP $55.00

$38.35

30%
OFF
The Infinite Game : From the bestselling author of Start With Why - Simon Sinek
Measure What Matters : The Simple Idea that Drives 10x Growth - John Doerr
Leaders Eat Last : Why Some Teams Pull Together and Others Don't - Simon Sinek
The 7 Habits of Highly Effective People : 30th Anniversary Edition - Stephen R. Covey
Essentialism : The Disciplined Pursuit of Less - Greg McKeown

RRP $24.99

$21.75

13%
OFF
Joel Selwood: All In - Joel Selwood

RRP $49.99

$38.75

22%
OFF
Barefoot Kids : The new book from The Barefoot Investor - Scott Pape
Right Kind of Wrong : Why Learning to Fail Can Teach Us to Thrive - Amy Edmondson
Stillness is the Key : An Ancient Strategy for Modern Life - Ryan Holiday