Welcome to the InfoSci Platform
Metric Based Security Assessment

Metric Based Security Assessment

James E. Goldman, Vaughn R. Christie
Copyright: © 2008 |Pages: 20
ISBN13: 9781599049373|ISBN10: 1599049376|EISBN13: 9781599049380
DOI: 10.4018/978-1-59904-937-3.ch094
Cite Chapter Cite Chapter

MLA

Goldman, James E., and Vaughn R. Christie. "Metric Based Security Assessment." Information Security and Ethics: Concepts, Methodologies, Tools, and Applications, edited by Hamid Nemati, IGI Global, 2008, pp. 1396-1415. https://doi.org/10.4018/978-1-59904-937-3.ch094

APA

Goldman, J. E. & Christie, V. R. (2008). Metric Based Security Assessment. In H. Nemati (Ed.), Information Security and Ethics: Concepts, Methodologies, Tools, and Applications (pp. 1396-1415). IGI Global. https://doi.org/10.4018/978-1-59904-937-3.ch094

Chicago

Goldman, James E., and Vaughn R. Christie. "Metric Based Security Assessment." In Information Security and Ethics: Concepts, Methodologies, Tools, and Applications, edited by Hamid Nemati, 1396-1415. Hershey, PA: IGI Global, 2008. https://doi.org/10.4018/978-1-59904-937-3.ch094

Export Reference

Mendeley
Favorite

Abstract

This chapter introduces the Metrics Based Security Assessment (MBSA) as a means of measuring an organization’s information security maturity. It argues that the historical (i.e., first through third generations) approaches used to assess/ensure system security are not effective and thereby combines the strengths of two industry proven information security models, the ISO 17799 Standard and the Systems Security Engineering Capability Maturity Model (SSE-CMM), to overcome their inherent weaknesses. Furthermore, the authors trust that the use of information security metrics will enable information security practitioners to measure their information security efforts in a more consistent, reliable, and timely manner. Such a solution will allow a more reliable qualitative measurement of the return achieved through given information security investments. Ultimately, the MBSA will allow professionals an additional, more robust self-assessment tool in answering management questions similar to: “How secure are we?”

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.