“The purpose of risk management is to improve the future, not to explain the past. Security metrics are the servants of risk management, and risk management is about making decisions under uncertainty. Therefore, the only security metrics we are interested in are those that support decision making about risk for the purpose of managing [...]
Category Archive for 'Metrics'
-
Recent Posts
- And the Winner is … The Bank of New York Mellon
- Fear of the Unknown
- SANS COINS Program Can Help With DoD 8570
- IDS/IPS: The Mark Twain of the Security World
- RTIR: Adding Incident Response Capabilities to RT
- Request Tracker Installation (Part 2 of 2)
- Implementing a Web Application Firewall with ModSecurity
- Intense Simplicities
- Google Confabulation
- Unclear and Present Danger
Archive
Categories
-
Magazines
Recent Podcasts
- 2008-01-03: Many Eyes
- 2008-01-14: OpenIDDevCamp
- 2008-01-21: Open Source on the O’Reilly Radar
- 2008-01-23: Ajax Security
- 2008-02-13: Driving the Digital Revolution.
- 2008-02-18: itSMF and ISACA - like chalk and cheese
- 2008-03-29: Google’s Solar Photovoltaic System
- 2008-04-14: Enterprise Social Software
- 2008-04-18: Jon Swartz book “Zero Day Threat”
- 2008-04-28: Jeff Hawkins
- 2008-04-29: Getting in Front of Social Engineering
- 2008-04-29: Physics of the Impossible
- 2008-05-01: ISC Podcast
- 2008-05-19: Churchill Club: Top tech trends
- 2008-05-20: Brian Snow Interview
- 2008-05-21: iDefense Russia expert on cybercrime
- 2008-05-21: Pragmatic Wetware
- 2008-06-10: Online Bullying and the Law Against DDoS
- 2008-06-11: Puppet at Google
Standard Sites
-
Meta
-
