Security Metrics for Enterprise Information Systems
Journal Title: Journal of Applied Quantitative Methods - Year 2006, Vol 1, Issue 2
Abstract
Managing the security of enterprise information systems has become a critical issue in the era of Internet economy. As any other process, security can not be managed, if it can not be measured. The need for metrics is important for assessing the current security status, to develop operational best practices and also for guiding future security research. The topic is important at a time when companies are coming under increasing compliance pressures that require them to demonstrate due diligence when protecting their data assets. Metrics give companies a way to prioritize threats and vulnerabilities and the risks they pose to enterprise information assets based on a quantitative or qualitative measure. This paper presents a framework for ranking vulnerabilities in a consistent fashion, and some operational metrics used by large enterprises in managing their information systems security process.
Authors and Affiliations
Victor-Valeriu PATRICIU, Iustin PRIESCU, Sebastian NICOLAESCU
Keywords
Related Articles
- EP ID EP102920
- DOI -
- Views 105
- Downloads 0
Data Mining into the Websites of Management Institutes using Binary Representation
A similarity index is developed in this paper to measure the resemblance of information contained in the websites of several management institutes of India. The data matrix pertaining to information contents of the diffe...
Structural Modeling and Analysis of Intelligent Mobile Learning Environment: A Graph Theoretic System Approach
This paper presents a new methodology using graph theory and matrix algebra to analyze software architecture based on systems engineering approach. It proposes a set of analytical tool to capture the notion of structural...
Control of Projects - A Cybernetic Control
Control is the last element in the implementation cycle planning-monitoringcontrolling. Information is collected about system performance, compared with the desired (or planned) level, and action taken if actual and desi...
About the Impossibility Theorem for Indicators Aggregation
This paper presents some aspects related to the issues of aggregating economic indicators. Departing from the research of Gh. Paun (1983) we will prove a theorem which states that under certain, natural assumptions, it i...
The Probability Model for Risk of Vulnerability to STDs/or HIV Infection among Pre-Marital Female Migrants in Urban India
In the study, authors have proposed a mathematical model for unmarried female migrant workers having number of closed boy friends. They are more vulnerable to STDs and HIV transmission. The model is fitted well on the gi...