Welcome to the InfoSci Platform
Reference Hub1
Metrics Based Security Assessment

Metrics Based Security Assessment

James E. Goldman, Vaughn R. Christie
Copyright: © 2004 |Pages: 28
ISBN13: 9781591402862|ISBN10: 1591402867|ISBN13 Softcover: 9781591402336|EISBN13: 9781591402343
DOI: 10.4018/978-1-59140-286-7.ch013
Cite Chapter Cite Chapter

MLA

Goldman, James E., and Vaughn R. Christie. "Metrics Based Security Assessment." Information Security and Ethics: Social and Organizational Issues, edited by Marian Quigley, IGI Global, 2004, pp. 261-288. https://doi.org/10.4018/978-1-59140-286-7.ch013

APA

Goldman, J. E. & Christie, V. R. (2004). Metrics Based Security Assessment. In M. Quigley (Ed.), Information Security and Ethics: Social and Organizational Issues (pp. 261-288). IGI Global. https://doi.org/10.4018/978-1-59140-286-7.ch013

Chicago

Goldman, James E., and Vaughn R. Christie. "Metrics Based Security Assessment." In Information Security and Ethics: Social and Organizational Issues, edited by Marian Quigley, 261-288. Hershey, PA: IGI Global, 2004. https://doi.org/10.4018/978-1-59140-286-7.ch013

Export Reference

Mendeley
Favorite

Abstract

This chapter introduces the Metrics Based Security Assessment (MBSA) as a means of measuring an organization’s information security maturity. It argues that the historical (i.e., first through third generations) approaches used to assess/ensure system security are not effective and thereby combines the strengths of two industry proven information security models, the ISO 17799 Standard and the Systems Security Engineering Capability Maturity Model (SSE-CMM), to overcome their inherent weaknesses. Furthermore, the authors trust that the use of information security metrics will enable information security practitioners to measure their information security efforts in a more consistent, reliable, and timely manner. Such a solution will allow a more reliable qualitative measurement of the return achieved through given information security investments. Ultimately, the MBSA will allow professionals an additional, more robust self-assessment tool in answering management questions similar to: “How secure are we?”

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.