Addison-Wesley
Security metrics; replacing fear, uncertainty, and doubt.
Using case studies and war stories from his work in the software, aerospace, and financial services industries, Jaquith, a security consultant and program manager, shows how to establish effective metrics for an organization in this guide to quantifying, classifying, and measuring enterprise IT security operations. The book combines management's quantitative viewpoint with the nuts-and- bolts approach typically taken by security professionals. Coverage progresses from ways of measuring factors such as password quality and path latency, to quantifying the effectiveness of program activities and using visualization to communicate security issues. The book will be of interest to engineers and consultants responsible for security and reporting to management, and to executives who need more information for decision-making. (Annotation ©2007 Book News Inc. Portland, OR)
