Security Metrics for Enterprise Information Systems
Journal Title: Journal of Applied Quantitative Methods - Year 2006, Vol 1, Issue 2
Abstract
Managing the security of enterprise information systems has become a critical issue in the era of Internet economy. As any other process, security can not be managed, if it can not be measured. The need for metrics is important for assessing the current security status, to develop operational best practices and also for guiding future security research. The topic is important at a time when companies are coming under increasing compliance pressures that require them to demonstrate due diligence when protecting their data assets. Metrics give companies a way to prioritize threats and vulnerabilities and the risks they pose to enterprise information assets based on a quantitative or qualitative measure. This paper presents a framework for ranking vulnerabilities in a consistent fashion, and some operational metrics used by large enterprises in managing their information systems security process.
Authors and Affiliations
Victor-Valeriu PATRICIU, Iustin PRIESCU, Sebastian NICOLAESCU
Keywords
Related Articles
- EP ID EP102920
- DOI -
- Views 108
- Downloads 0
Production Planning under Uncertain Demands and Yields
The periodic demands of a single product are forecasted and given by a distribution function for each period. The product can be manufactured in n plants with heterogeneous characters. Each plant has its specific stochas...
Structural Modeling and Analysis of Intelligent Mobile Learning Environment: A Graph Theoretic System Approach
This paper presents a new methodology using graph theory and matrix algebra to analyze software architecture based on systems engineering approach. It proposes a set of analytical tool to capture the notion of structural...
Structural Identification and Comparison of Intelligent Mobile Learning Environment
This paper proposes a methodology using graph theory, matrix algebra and permanent function to compare different architecture (structure) design of intelligent mobile learning environment. The current work deals with the...
STATISTICAL DETERMINATION OF THE SEQUENCE AND CHRONOLOGY OF THE ERUPTION OF THE FIRST PERMANENT MOLARS AND INCISORS IN ROMANIAN CHILDREN
Teeth eruption is a dynamic, genetically dictated process which is a part of the odontogenesis and comprises all of the tooth’s movement from the bone crypt where it formed until reaching the occlusal plane and starting...
Methods of Portfolio Management for Listed Shares. Some Features for the Romanian Private Pension Funds
Recently, Romania put into practice the private pension system, which includes compulsory pensions and voluntary ones, as alternatives to statutory (public) pension scheme. According to the Romanian laws, private pension...