Building a Security Measures and Metrics Program

• Author : George Campbell
• Publisher : Unknown Publisher
• Release : 30 July 2021

Building a Security Measures and Metrics Program discusses the need for and benefits of a corporate security measures and metrics program. This 40-minute video presentation of narrated slides makes the case for a security metrics program: metrics provide invaluable insight on program effectiveness, the means to influence business strategy and policy, and the ability to demonstrate the value of security services to business leaders.

• Author : George Campbell
• Publisher : Elsevier
• Release : 02 April 2014

The revised second edition of Measures and Metrics in Corporate Security is an indispensable guide to creating and managing a security metrics program. Authored by George Campbell, emeritus faculty of the Security Executive Council and former chief security officer of Fidelity Investments, this book shows how to improve security’s bottom line and add value to the business. It provides a variety of organizational measurements, concepts, metrics, indicators and other criteria that may be employed to structure measures and metrics

• Author : George Campbell
• Publisher : Unknown Publisher
• Release : 01 June 2013

Building a Security Measures and Metrics Program discusses the need for and benefits of a corporate security measures and metrics program. This 40-minute video presentation of narrated slides makes the case for a security metrics program: metrics provide invaluable insight on program effectiveness, the means to influence business strategy and policy, and the ability to demonstrate the value of security services to business leaders. Presenter George Campbell, former chief security officer at Fidelity and 45-year security industry veteran, uses his

• Author : Gerald L. Kovacich,Edward Halibozek
• Publisher : Butterworth-Heinemann
• Release : 30 November 2016

Security Metrics Management, Measuring the Effectiveness and Efficiency of a Security Program, Second Edition details the application of quantitative, statistical, and/or mathematical analyses to measure security functional trends and workload, tracking what each function is doing in terms of level of effort (LOE), costs, and productivity. This fully updated guide is the go-to reference for managing an asset protection program and related security functions through the use of metrics. It supports the security professional’s position on budget matters,

• Author : Jason Andress,Mark Leary
• Publisher : Syngress
• Release : 01 November 2016

Building a Practical Information Security Program provides users with a strategic view on how to build an information security program that aligns with business objectives. The information provided enables both executive management and IT managers not only to validate existing security programs, but also to build new business-driven security programs. In addition, the subject matter supports aspiring security engineers to forge a career path to successfully manage a security program, thereby adding value and reducing risk to the business. Readers

• Author : Andrew Jaquith
• Publisher : Pearson Education
• Release : 26 March 2007

The Definitive Guide to Quantifying, Classifying, and Measuring Enterprise IT Security Operations Security Metrics is the first comprehensive best-practice guide to defining, creating, and utilizing security metrics in the enterprise. Using sample charts, graphics, case studies, and war stories, Yankee Group Security Expert Andrew Jaquith demonstrates exactly how to establish effective metrics based on your organization’s unique requirements. You’ll discover how to quantify hard-to-measure security activities, compile and analyze all relevant data, identify strengths and weaknesses, set cost-effective

• Author : W. Krag Brotby, CISM
• Publisher : CRC Press
• Release : 30 March 2009

Spectacular security failures continue to dominate the headlines despite huge increases in security budgets and ever-more draconian regulations. The 20/20 hindsight of audits is no longer an effective solution to security weaknesses, and the necessity for real-time strategic metrics has never been more critical. Information Security Management Metrics: A Definitive Guide to Effective Security Monitoring and Measurement offers a radical new approach for developing and implementing security metrics essential for supporting business activities and managing information risk. This work provides anyone

• Author : Lance Hayden
• Publisher : McGraw Hill Professional
• Release : 22 August 2010

Implement an Effective Security Metrics Project or Program IT Security Metrics provides a comprehensive approach to measuring risks, threats, operational activities, and the effectiveness of data protection in your organization. The book explains how to choose and design effective measurement strategies and addresses the data requirements of those strategies. The Security Process Management Framework is introduced and analytical strategies for security metrics data are discussed. You'll learn how to take a security metrics program and adapt it to a variety

• Author : John Sullivant
• Publisher : Butterworth-Heinemann
• Release : 24 February 2016

Building a Corporate Culture of Security: Strategies for Strengthening Organizational Resiliency provides readers with the proven strategies, methods, and techniques they need to present ideas and a sound business case for improving or enhancing security resilience to senior management. Presented from the viewpoint of a leading expert in the field, the book offers proven and integrated strategies that convert threats, hazards, risks, and vulnerabilities into actionable security solutions, thus enhancing organizational resiliency in ways that executive management will accept. The

• Author : Jack Freund,Jack Jones
• Publisher : Butterworth-Heinemann
• Release : 23 August 2014

Using the factor analysis of information risk (FAIR) methodology developed over ten years and adopted by corporations worldwide, Measuring and Managing Information Risk provides a proven and credible framework for understanding, measuring, and analyzing information risk of any size or complexity. Intended for organizations that need to either build a risk management program from the ground up or strengthen an existing one, this book provides a unique and fresh perspective on how to do a basic quantitative risk analysis. Covering

• Author : Caroline Wong
• Publisher : McGraw Hill Professional
• Release : 06 October 2011

Security Smarts for the Self-Guided IT Professional “An extraordinarily thorough and sophisticated explanation of why you need to measure the effectiveness of your security program and how to do it. A must-have for any quality security program!” —Dave Cullinane, CISSP, CISO & VP, Global Fraud, Risk & Security, eBay Learn how to communicate the value of an information security program, enable investment planning and decision making, and drive necessary change to improve the security of your organization. Security Metrics: A Beginner's Guide

• Author : National Research Council,Division on Engineering and Physical Sciences,Board on Infrastructure and the Constructed Environment,Committee for Oversight and Assessment of U.S. Department of Energy Project Management
• Publisher : National Academies Press
• Release : 01 August 2005

In 1997, Congress, in the conference report, H.R. 105-271, to the FY1998 Energy and Water Development Appropriation Bill, directed the National Research Council (NRC) to carry out a series of assessments of project management at the Department of Energy (DOE). The final report in that series noted that DOE lacked an objective set of measures for assessing project management quality. The department set up a committee to develop performance measures and benchmarking procedures and asked the NRC for assistance in

• Author : Carson Zimmerman
• Publisher : Unknown Publisher
• Release : 01 July 2014

Ten Strategies of a World-Class Cyber Security Operations Center conveys MITRE's accumulated expertise on enterprise-grade computer network defense. It covers ten key qualities of leading Cyber Security Operations Centers (CSOCs), ranging from their structure and organization, to processes that best enable smooth operations, to approaches that extract maximum value from key CSOC technology investments. This book offers perspective and context for key decision points in structuring a CSOC, such as what capabilities to offer, how to architect large-scale data collection

• Author : Stephen D. Gantz,Daniel R. Philpott
• Publisher : Newnes
• Release : 31 December 2012

FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security deals with the Federal Information Security Management Act (FISMA), a law that provides the framework for securing information systems and managing risk associated with information resources in federal government agencies. Comprised of 17 chapters, the book explains the FISMA legislation and its provisions, strengths and limitations, as well as the expectations and obligations of federal agencies subject to FISMA. It also discusses the processes and activities necessary to

• Author : George Campbell
• Publisher : Elsevier
• Release : 28 March 2015

In corporate security today, while the topic of information technology (IT) security metrics has been extensively covered, there are too few knowledgeable contributions to the significantly larger field of global enterprise protection. Measuring and Communicating Security’s Value addresses this dearth of information by offering a collection of lessons learned and proven approaches to enterprise security management. Authored by George Campbell, emeritus faculty of the Security Executive Council and former chief security officer of Fidelity Investments, this book can be