Premium Content

Access "New measures for security metrics: Ranum Q&A with Jay Jacobs"

Published: 29 Oct 2013

Information security metrics abound, but few reports garner the attention awarded Verizon's Data Breach Investigations Report. The 2103 DBIR, which highlighted China's alleged cyberespionage among other significant breaches, was based on data pooled from 19 organizations worldwide. Marcus Ranum had a bone to pick with one of the "top external actors" charts, fueled by a healthy skepticism he attributes to his college days in statistics class. "[T]hose lectures had the effect of making me hyper-skeptical about any large, round number that's thrown my way," he bloggedin May shortly after the report was released. Where do you see VERIS going in the future? Is this the kind of thing that could eventually become a requirement for regulated industry segments? Marcus J. Ranum, chief security officer, Tenable Security Inc. This month, Ranum digs into some of the industry issues surrounding the report with co-author Jay Jacobs, a senior data analyst on the Verizon RISK team. Exploring and visualizing data is also the topic of an upcoming book -- look for it in ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features
    • Virtualization security dynamics get old by Chris Hoff

      Companies have embraced virtualization and cloud computing, but security is still bolted-on. Here's what needs to change.

    • Eliminating black hat bargains by Robert Lemos

      Enterprises cannot always keep attackers out of their networks. Instead, defense-in-depth strategies aim to raise the cost to black hats -- in terms of time and money.

    • Beyond the Page: Virtual security by Christofer Hoff

      In the November 2013 Beyond the Page on virtual security, Chris Hoff examines the challenges infosec pros face in finding the right security strategy for their enterprise network.

    • Executive viewpoint: Mixed messages on software security by Robert Richardson, Editorial Director

      Software security ranks high among security executives' concerns but low in terms of time spent, according to an (ISC)2 CXO study.

More Premium Content Accessible For Free

  • Threat intelligence and risk: Why cybersecurity hangs in the balance
    ISM_0614.png
    E-Zine

    As more security professionals take on greater roles in global risk management, Global 2000 companies are investing in cybersecurity measures above ...

  • How to respond to the latest distributed denial-of-service attacks
    DDOS_attacks.png
    E-Handbook

    All indications show that DDoS attacks are increasing in variety, number and size. No network system is immune and information security pros can't ...

  • Figuring out FIDO as the first products emerge
    ISM_0514.png
    E-Zine

    The Fast Identity Online (FIDO) standards reached the public draft stage in February, and the first deployments of FIDO-ready technologies followed ...