Metrics and Methods for Security Risk Management

Book Description

Security problems have evolved in the corporate world because of technological changes, such as using the Internet as a means of communication. With this, the creation, transmission, and storage of information may represent a security problem.

Metrics and Methods for Security Risk Management is of interest, especially since the 9/11 terror attacks, because it addresses the ways to manage security risk in the corporate world. The book aims to provide information about the fundamentals of security risks and the corresponding components, an analytical approach to risk assessments and mitigation, and quantitative methods to assess the risk components. In addition, it discusses the physical models, principles, and quantitative methods needed to assess the risk components. The by-products of the methodology used include security standards, audits, risk metrics, and program frameworks. Security professionals, as well as scientists and engineers who are working on technical issues related to security problems, will find this book relevant and useful.

  • Offers an integrated approach to assessing security risk
  • Addresses homeland security as well as IT and physical security issues
  • Describes vital safeguards for ensuring true business continuity

Table of Contents

  1. Cover Image
  2. Table of Contents
  3. Front matter
  4. Copyright
  5. Dedication
  6. About the Author
  7. Foreword
  8. Preface
  9. Acknowledgments
  10. Chapter 1. Security threats and risk
  11. 1.1. Introduction to security risk or tales of the psychotic squirrel and the sociable shark
  12. 1.2. The fundamental expression of security risk
  13. 1.3. Introduction to security risk models and security risk mitigation
  14. 1.4. Summary
  15. Chapter 2. The fundamentals of security risk measurements
  16. 2.1. Introduction
  17. 2.2. Linearity and nonlinearity
  18. 2.3. Exponents, logarithms, and sensitivity to change
  19. 2.4. The exponential function e^x
  20. 2.5. The decibel
  21. 2.6. Security risk and the concept of scale
  22. 2.7. Some common physical models in security risk
  23. 2.8. Visualizing security risk
  24. 2.9. An example: guarding costs
  25. 2.10. Summary
  26. Chapter 3. Security risk measurements and security programs
  27. 3.1. Introduction
  28. 3.2. The security risk assessment process
  29. 3.3. Managing security risk
  30. 3.4. Security risk audits
  31. 3.5. Security risk program frameworks
  32. 3.6. Summary
  33. Chapter 4. Measuring the likelihood component of security risk
  34. 4.1. Introduction
  35. 4.2. Likelihood or potential for risk?
  36. 4.3. Estimating the likelihood of randomly occurring security incidents
  37. 4.4. Estimating the potential for biased security incidents
  38. 4.5. Averages and deviations
  39. 4.6. Actuarial approaches to security risk
  40. 4.7. Randomness, loss, and expectation value
  41. 4.8. Financial risk
  42. 4.9. Summary
  43. Chapter 5. Measuring the vulnerability component of security risk
  44. 5.1. Introduction
  45. 5.2. Vulnerability to information loss through unauthorized signal detection
  46. 5.3. Vulnerability to explosive threats
  47. 5.4. A theory of vulnerability to computer network infections
  48. 5.5. Biological, chemical, and radiological weapons
  49. 5.6. The visual compromise of information
  50. 5.7. Summary
  51. Chapter 6. Mitigating security risk
  52. 6.1. Introduction
  53. 6.2. Audible signals
  54. 6.3. Electromagnetic signals
  55. 6.4. Vehicle-borne explosive threats: barriers and bollards
  56. 6.5. Explosive threats
  57. 6.6. Radiological threats
  58. 6.7. Biological threats
  59. 6.8. Mitigating the risk of chemical threats (briefly noted)
  60. 6.9. Guidelines for reducing the vulnerability to non-traditional threats in commercial facilities
  61. 6.10. Commercial technical surveillance countermeasures
  62. 6.11. Electromagnetic pulse weapons
  63. 6.12. Summary
  64. Epilogue
  65. Appendix A. Scientific prefixes
  66. Appendix B. Sound levels and intensities
  67. Appendix C. The speed of sound in common materials
  68. Appendix D. Closed circuit television (CCTV) performance criteria and technical specifications
  69. Appendix E. Physical access authorization system performance criteria
  70. Appendix F. Exterior barrier performance criteria and technical specifications
  71. Appendix G. Window anti-blast methods technical specifications*
  72. Appendix H. Qualitative interpretation of Rw values
  73. Index