Developing operational security metrics to meet business

Assignment Help Basic Computer Science
Reference no: EM131095656

Developing Operational Security Metrics to Meet Business Value

Identity management is just one area of information assurance that needs to be improved in an organization. An information assurance professional needs to have a good understanding of how well all areas of security and information assurance are being managed and maintained. Metrics are very important instruments for managing security and information assurance. Examples of metrics from other areas of security that can be more quantitative and meaningful include:

  • Tracking the number of security intrusion detection incidents on a monthly basis
  • Breaking intrusion detection incidents down by unit and country because this will demonstrate if security is weak in some functional area
  • Recording the business impact of each intrusion detection incident

For this Project, write a 4- to 6-page paper in which you create 8-10 operational metrics, and explain how these metrics demonstrate the overall efficacy of the information assurance program at your organization. In the paper, respond to the following: 

  • How do you determine acceptable baselines for the metrics you created?
  • How are these metrics efficacious to the teams involved in the operation of security controls?

Because you are using a fictitious scenario, state any assumptions you make.

Include references and make your work original as possible.

Readings

  • Brotby, K. (2009). Information security governance: A practical development and implementation approach.  Hoboken, NJ: Wiley.
    • Chapter 13, "Security Program Development Metrics"
      In this chapter you are introduced to the process of putting an information system security strategy into operational use. You will explore the decisions that must be made and metrics that will be needed to provide the information required for security program development management.
    • Chapter 14, "Information Security Management Metrics"
      In this chapter you are introduced to the concept of using management metrics to help executive management of an organization with decision support regarding information security. You will investigate the tactical metrics that are needed to keep the information security governance program operating at an acceptable level guided by the strategic objectives.
  • Jaquith, A. (2007). Security metrics: Replacing fear, uncertainty, and doubt.  Upper Saddle River, NJ: Pearson.
    • Chapter 3, "Diagnosing Problems and Measuring Technical Security"
      In this chapter you will be introduced to a collection of common security metrics for diagnosing problems and measuring technical security activities.
    • Chapter 6, "Visualization"
      In this chapter you are introduced to the concept of graphically representing data and metrics as an information visualization practice. You will explore ways to display data graphically without losing the richness and texture that best facilitate deep understanding.

Reference no: EM131095656

Questions Cloud

Compare and contrast the four motivation theories : discuss the criticism of each theory. Which theory you identify with the most and why? You can identify with more than one, but it is not required. Development of idea and grammar.
Different types of correspondence in the workplace : You are working as the communications officer for a company located in a large office building with designated areas for employee breaks and lunches, located on each floor.
Security and compliance : Security and compliance are interconnected in important ways. What happens if you have a policy, but you cannot assure compliance? There is no automated enforcement mechanism. You cannot be sure if policy is followed or not.
Identify your current strategy for coping with stress : Write a summary defining stress and stressors. Explain the relationship between stress and physiological as well as psychological health. Discuss how you rated on the stress inventory - be specific. Then, identify the specific stressors in your lif..
Developing operational security metrics to meet business : Identity management is just one area of information assurance that needs to be improved in an organization. An information assurance professional needs to have a good understanding of how well all areas of security and information assurance are be..
Small consulting company is planning to make deposits : A small consulting company is planning to make deposits such that each one is 3% larger than the preceding one. What is the annual equivalent of this cash flow if the company makes 12 deposits and the interest rate is 8%? The first deposit is $7,000 ..
Find total reserves minus vault cash : Total Reserves minus vault cash equals- bank deposits with the Fed. excess reserves. currency in circulation.  required reserves
Specific data warehouse product : While this case study supports a specific data warehouse product, please locate another case study from another data warehousing software company and explain the data warehouse that was designed in that case study?
Guidelines for creating graphic aids : Make the graphic large enough for everyone to see easily-even people sitting In the back or the corners of the room. Do not crowd numbers or images on a graphic aid.

Reviews

Write a Review

 

Basic Computer Science Questions & Answers

  Find a recurrence relation with initial condition

Find a recurrence relation with initial condition(

  Create a class called uabiginteger

Create a class called UABigInteger. As the name implies, we want to create a class that will allow usto store an integer larger than a typical one (a value less than 2,147,483,647). This will be supportedby declaring an array of integers that will be..

  Pi requests a unit of ri and a unit of r3

pi requests a unit of Ri and a unit of R3.

  Discuss how the web has evolved through the years

Discuss how the Web has evolved through the years, first with individuals going to the Web as a resource for information and pulling that information down to their computers to what it is today, where individuals are actively participating in the con..

  Instead of changing individual attributes

If you do not wish to use the content placeholder, you can also insert a chart using the Insert Chart button in the __________ group.

  What is the best term to describe an increasingly intense

What is the best term to describe an increasingly intense and vicious debate online? Computer piracy typically occurs when which of the following is violated?

  Conduct research on different types of errors

Conduct research on different types of errors that might occur in Excel and how to prevent/correct them - conduct research on the Internet on how to clear a conditional format from a worksheet cell.

  Command and natural language

The president of your company approached you with his iPhone in one hand and his iPad in the other. He has just purchased the iPhone 4S and is fascinated with Siri, the voice recognition software. He then pulls up an app your team developed fo..

  Design an algorithm that prompts the user to enter a number

Design an algorithm that prompts the user to enter a number in the range of 1 through 100 and validates the input.

  An organization can prepare for and avoid the challenge

Identifying three primary challenges when deploying Active Directory and using it in an organization. Discuss specific ways an organization can prepare for and avoid the challenges.

  List two developments that demonstrate the cyclic behavior

Originally, computing was centralized on large mainframe computers. List two developments that demonstrate the cyclic behavior here as well.

  Identifying potential malicious attacks

You have just been hired as an Information Security Engineer for a video game development company. The organization network structure is identified in the below network diagram and specifically contains:

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd