June 8, 2010
IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data
Author: Hayden, Lance
ISBN-13: 978-0-07-171340-5
ISBN-10: 0071713409
©2011 | 1st Edition | 400 pages, Softcover
Pub Date: July 2010
Price: US$ 49.99
Implement an effective security metrics project or program
IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data proposes new ways of examining security activities that focus on observation, measurement, and a more structured way of looking at security problems. These methods encourage empirical inquiry and scientific analysis over subjective judgment and opinion when driving security decision-making. The book offers concrete strategies for putting a variety of research tools and metrics into active use on everyday projects.
This definitive guide first describes the history and theory behind empirical analysis and scientific methods, and shows how traditional security practices often do not stand up to rigorous standards of research and analysis. The book then presents new security methods that improve decisions, increase security, and save time and money. The book advises how to choose effective methods and metrics for security projects and provide better information to security stakeholders, reducing uncertainty about the effectiveness of their programs.
- Define security metrics as a manageable amount of usable data
- Design effective security metrics
- Understand quantitative and qualitative data, data sources, and collection and normalization methods
- Implement a programmatic approach to security using the Security Process Management Framework
- Analyze security metrics data using quantitative and qualitative methods
- Design a security measurement project for operational analysis of security metrics
- Measure security operations, compliance, cost and value, and people, organizations, and culture
- Manage groups of security measurement projects using the Security Improvement Program
- Apply organizational learning methods to security metrics
Endorsement
“Disperses myths while illuminating truths, pointing towards better ways for IT to conceptualize, implement, and articulate the value proposition of security activities and investments….Clearly grounded in foundational concepts of risk management, decision support, and basic economics….Abounds with practical examples, anecdotes, metaphors, crisp descriptions of difficult concepts, comparisons with other industries, and a just plain entertaining writing style that won’t strain your attention span….The relevance, information density, and readability of this book is top-notch….I strongly recommend it to anyone who is passionate and serious about protecting digital assets with better precision and effectiveness.”
–Joel Scambray, Co-Author, Hacking Exposed, and CEO of Consciere
About the Author
Lance Hayden, Ph.D. (Austin, TX) works for Cisco Systems, developing and managing security consulting services and contributing to new security product initiatives. He previously worked for the CIA where he conducted sensitive intelligence operations on behalf of the U.S. government. Lance has spoken at technology and security conferences such as RSA, FIRST, ToorCon, and Cisco Live.
Posted by mheasiacomputing
April 7, 2010
Robin Nixon has worked with and written about computers since the early 1980s (his first computer was a Tandy TRS 80 Model 1 with a massive 4KB of RAM!). During this time he has written in excess of 500 articles for many of the U.K.’s top computer magazines.
Robin started his computing career in the Cheshire homes for disabled people, where he was responsible for setting up computer rooms in a number of residential homes, and for evaluating and tailoring hardware and software so that disabled people could use the new technology – sometimes by means of only a single switch operated by mouth or finger.
After writing articles for computer magazines about his work with disabled people, he eventually worked full time for one of the country’s main IT magazine publishers, where he held several roles including editorial, promotions, and cover disc editing.
With the dawn of the Internet in the 1990s, Robin branched out into developing websites. One of these presented the world’s first radio station licensed by the music copyright holders, and was featured in several news reports on TV and radio networks in the United Kingdom. In order to enable people to continue to surf while listening, Robin also developed the first known pop-up windows.
Robin lives on the southeast coast of England with his wife Julie, a trained nurse, and five children, where he also finds time to foster three disabled children, as well as working full time from home as a technical author.
Robin has contributed an article to “The Daily Tip” section on “IT World,” and Plug-In PHP is one of the featured books on the company’s web site.
Posted by mheasiacomputing
March 8, 2010

Plug-In PHP: 100 Power Solutions
Authors: Nixon, Robin
ISBN-13: 978-0-07-166659-6
ISBN-10: 0071666591
©2010 | 1st Edition | 384 pages, Softcover
Pub Date: March 2010
Price: US$ 39.99
100 PHP power solutions in one handy guide
This practical resource contains 100 ready-to-run PHP plug-ins you can use to create dynamic Web content. The book begins by showing you how to install, configure, and use a powerful web development environment. Then, each chapter in Plug-In PHP offers complete, working examples for specific end results you can achieve right away. In this time-saving tool, all of the code is extensively documented along with tips for adapting it for your own requirements.
Get ready-made PHP plug-ins for:
- Text processing
- Image handling
- Content management
- Forms and user input
- Internet integration
- Chat and messaging
- MySQL, sessions, and cookies
- APIs, RSS, and XML
- JavaScript and Ajax
- Geo-location
- Spelling and language translation
- And much more
Download all of the book’s plug-ins at www.pluginphp.com
About the Author
Robin Nixon (UK) is a developer and freelance technical writer who has published more than 500 articles in magazines such as PC Plus, PCW, Web User, .net, PC Advisor, and PC Answers. He is the author of 3 computing books, including the upcoming Learning PHP, MySQL & JavaScript (O’Reilly).
Posted by mheasiacomputing