Preface

WHAT THIS BOOK IS ABOUT

This book is about security metrics: how to quantify, classify, and measure information security operations in modern enterprise environments.

HOW THIS BOOK CAME TO BE

Every consultant worth his or her weight in receipts accumulates a small trove of metaphors, analogies, and witty expressions. These help explain or clarify those rarified things that consultants do and tend to lubricate the consulting process. Oh, and they also tend to be funny. One of my favorite bits—particularly relevant to the topic at hand—is this one:

No good deed goes unpunished.

This simply means that with any worthwhile endeavor comes many unwitting (and often unwanted) consequences. So it is with the world of “security metrics.” As you ...

Get Security Metrics: Replacing Fear, Uncertainty, and Doubt now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.