Security metrics to improve information security management

Security metrics are an important part of information security management. They are tools that facilitate decision making and improve performance and accountability. The aim of information security is to ensure business continuity and minimise business damage by preventing security incidents and minimising their impact. Security is therefore not only a technical matter. When generating security metrics, organizations must take into consideration all information security dimensions, including technical, organizational, human and conformity aspects, in order to be competitive whilst providing stakeholders with detailed information about the complete structure of the organization's information security and risk treatment processes. This paper discusses ways to identify the right metrics to measure security preparedness and awareness within an organization.

Published on 11/04/2010 at 15:54
