Security Smarts for the Self-Guided IT Professional
"An extraordinarily thorough and sophisticated explanation of why you need to measure the effectiveness of your security program and how to do it. A must-have for any quality security program!" --Dave Cullinane, CISSP, CISO & VP, Global Fraud, Risk & Security, eBay

Learn how to communicate the value of an information security program, enable investment planning and decision making, and drive necessary change to improve the security of your organization. Security Metrics: A Beginner's Guide explains, step by step, how to develop and implement a successful security metrics program. This practical resource covers project management, communication, analytics tools, identifying targets, defining objectives, obtaining stakeholder buy-in, metrics automation, data quality, and resourcing. You'll also get details on cloud-based security metrics and process improvement. Templates, checklists, and examples give you the hands-on help you need to get started right away.

Security Metrics: A Beginner's Guide features:

Lingo--Common security terms defined so that you're in the know on the job
IMHO--Frank and relevant opinions based on the author's years of industry experience
Budget Note--Tips for getting security technologies and processes into your organization's budget
In Actual Practice--Exceptions to the rules of security explained in real-world contexts
Your Plan--Customizable checklists you can use on the job now
Into Action--Tips on how, why, and when to apply new skills and techniques at work

Caroline Wong, CISSP, was formerly the Chief of Staff for the Global Information Security Team at eBay, where she built the security metrics program from the ground up. She has been a featured speaker at RSA, ITWeb Summit, Metricon, the Executive Women's Forum, ISC2, and the Information Security Forum.