Risk Metrics

This chapter presents the following topics:

•   Review effectiveness of existing security controls

•   Reverse-engineer/deconstruct existing solutions

•   Creation, collection, and analysis of metrics

•   Prototype and test multiple solutions

•   Create benchmarks and compare to baselines

•   Analyze and interpret trend data to anticipate cyber defense needs

•   Analyze security solution metrics and attributes to ensure they meet business needs

•   Use judgment to solve problems where the most secure solution is not feasible

In some environments, security is a must. In such cases, it doesn’t matter what it costs, how long it takes, or what needs to be implemented, security is the top priority. However, most businesses ...

Get CASP+ CompTIA Advanced Security Practitioner Certification All-in-One Exam Guide, Second Edition (Exam CAS-003) now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.