Metrics Are Tools Designed to Research Paper

Open, View, and/or
Download this Document

Total Length: 1223 words ( 4 double-spaced pages)

Total Sources: 4

Page 1 of 4

There are many more different quantitative and qualitative metrics that have been engineered to assess and reduce security risk. Structured as quantitative or qualitative -- meaning that some are structured according to empirical, mathematical rules (quantitative; usually from disciplines such as finance), whilst others are structured in an experiential manner derived from interviews, observation, and so forth (qualitative) -- each has its benefits and disadvantages.

Uses of security metrics and how organizations benefit from them

The benefits of security metrics fall into three broad classes:

1. Strategic support -- Security metrics help tighten the security of different kinds of organizational decision-making such as planning programs, product and service selection, and resource allocation.

2. Quality assurance - Security metrics are used during the software development lifecycle in order to prevent and screen out vulnerabilities, particularly during the code production. They do this by executing functions such as measuring the system's adherence to coding standards and identifying vulnerabilities that may exist. They also track down and analyze possible security issues.

3. Tactical oversight -- Security metrics gauge the effectiveness of security controls and mange risk, identify areas for improvement, provide a basis for trend analyzing, and monitor the security statue of an organization's it system ensuring that it complies with security standards (Jansen (n.d.)).

In all these ways (and more), metrics are used throughout all it operations of the organization in order to prevent and screen out vulnerabilities, gauge the effectiveness of security controls and mange risk, identify areas for improvement, and monitor the security statue of an organization's it system so that it complies with security standards.

Metrics benefit the security of the organization in all ways. On a micro scale (as regards the it system itself), security metrics help ensure the safety and security of the organization's it system by identifying its potential vulnerabilities and tightening or correcting those.

Stuck Writing Your "Metrics Are Tools Designed To" Research Paper?

View All Our Example Metrics Are Tools Designed to Research Paper

Have A Custom Example Essay Written

On the macro scale, and as regards the organization as a whole, security metrics enable the organization to improve its security objectives so that no valuable data is corrupted or slips through that jeopardizes the safety of the organization.

Models and their derivative metrics should be repeatedly tested in order to ensure their reliability, namely that metrics should show constant and replicated positive results regardless of the it system that it is applied to. Metrics should also be applicable and timely.

The field of security metrics is enormous and complex and entire books have been written on the subject (see e.g. Bojanc & Jerman-Blazoc, 2008). Areas of ongoing research seek to improve the estimators of the system security as ways of developing new metrics and tightening up the procedures used. They also seek to make metrics as objective as possible order to screen out human error and bias. Researchers are also working to offer a more systematic and rapid means of obtaining meaningful measurements whilst seeking to broaden their understanding and insight into development of further models and into improvement of existent models and metrics.

Reference

Bojanc, R. & Jerman-Blazoc, B. (2008), an economic modeling approach to information security risk management. International Journal of Information Management 28 (2008) 413 -- 422

Chowdhary, a., & Mezzeapelle, M.A. (n.d.) Information Security metrics. Hewlett Packard.

Jansen, W. (n.d.) Directions in security metrics research. National Institute of Standards and Technology (NIST)

http://csrc.nist.gov/publications/nistir/ir7564/nistir-7564_metrics-research.pdf

Pedro, G.L., & Ashutosh, S. (2010). An approach to quantitatively measure Information security 3rd India Software Engineering Conference, Mysore, 25-27

Swanson, M. et al., Security Metrics Guide for Information Technology Systems, NIST Special Publication 800-55,

http://cid-7086a6423672c497.skydrive.live.com/self.aspx/.Public/NIST%20SP%20800-55.pdf.....

Show More ⇣

     Open the full completed essay and source list


OR

     Order a one-of-a-kind custom essay on this topic


sample essay writing service

Cite This Resource:

Latest APA Format (6th edition)

Copy Reference
"Metrics Are Tools Designed To" (2012, February 07) Retrieved May 20, 2024, from
https://www.aceyourpaper.com/essays/metrics-tools-designed-54066

Latest MLA Format (8th edition)

Copy Reference
"Metrics Are Tools Designed To" 07 February 2012. Web.20 May. 2024. <
https://www.aceyourpaper.com/essays/metrics-tools-designed-54066>

Latest Chicago Format (16th edition)

Copy Reference
"Metrics Are Tools Designed To", 07 February 2012, Accessed.20 May. 2024,
https://www.aceyourpaper.com/essays/metrics-tools-designed-54066
   

Open, View, and/or
Download this Document
order custom essay example