{"title":"实施安全度量措施","authors":"Elizabeth A. Nichols, Andrew Sudbury","doi":"10.1201/1086.1065898X/46353.15.4.20060901/95429.5","DOIUrl":null,"url":null,"abstract":"Abstract Although Global 2000 organizations today are becoming increasingly aware of the importance of a metrics program to maximize the effectiveness of an information security strategy, there's little guidance available around the practical “how to's” of putting such a program into practice. As a result, security metrics are shrouded in mystery and are considered “too hard” to do—with the end result being that this necessary and effective management tool has yet to be implemented at many organizations, and in the organizations where it has been launched, it has yet to be automated to ease management and reduce resource costs.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2006-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Implementing Security Metrics Initiatives\",\"authors\":\"Elizabeth A. Nichols, Andrew Sudbury\",\"doi\":\"10.1201/1086.1065898X/46353.15.4.20060901/95429.5\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Abstract Although Global 2000 organizations today are becoming increasingly aware of the importance of a metrics program to maximize the effectiveness of an information security strategy, there's little guidance available around the practical “how to's” of putting such a program into practice. As a result, security metrics are shrouded in mystery and are considered “too hard” to do—with the end result being that this necessary and effective management tool has yet to be implemented at many organizations, and in the organizations where it has been launched, it has yet to be automated to ease management and reduce resource costs.\",\"PeriodicalId\":36738,\"journal\":{\"name\":\"Journal of Information Systems Security\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Systems Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1201/1086.1065898X/46353.15.4.20060901/95429.5\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"Social Sciences\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Systems Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1201/1086.1065898X/46353.15.4.20060901/95429.5","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Social Sciences","Score":null,"Total":0}
Abstract Although Global 2000 organizations today are becoming increasingly aware of the importance of a metrics program to maximize the effectiveness of an information security strategy, there's little guidance available around the practical “how to's” of putting such a program into practice. As a result, security metrics are shrouded in mystery and are considered “too hard” to do—with the end result being that this necessary and effective management tool has yet to be implemented at many organizations, and in the organizations where it has been launched, it has yet to be automated to ease management and reduce resource costs.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
