Chapter 33: Security Metrics: An Introduction and Literature Review

George O.M. Yee     Carleton University, Ottawa, Ontario, Canada

Abstract

This chapter provides an introduction to and a literature review for security metrics. It begins by describing the need for security metrics, followed by a discussion of the nature of security metrics, including what makes a good security metric, what security metrics have been used in the past, and how security metrics can be scientifically based. This presentation is followed by suggestions for starting a security metrics program within an organization and a discussion of the feasibility of an intelligent security dashboard driven by metrics. The chapter concludes with a literature review that summarizes ...

Get Computer and Information Security Handbook, 4th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.