CHAPTER 12Learning Security: Different Contexts for Security Process Management

I have come a long way from my initial descriptions of how we measure IT security today and why we should try to do it better. The Security Process Management (SPM) Framework is one way of structuring your security metrics efforts, and, if implemented correctly and conscientiously, the framework can seriously improve your ability to understand and protect information assets. But this can also be said of many other frameworks and models for security. The secret is not in the strategy, but in the correct and conscientious implementation of that strategy and then living and tweaking the strategy day in and day out over time. The SPM Framework is my take on how to measure ...

Get IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.