Paper Info
Title
Methodology for Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission
Abstract
Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation. This paper proposes a Cyberspace Security Econometrics System (CSES that provides a measure (i.e., a quantitative indication) of reliability, performance and/or safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders' interests in that requirement. For a given stakeholder, CSES reflects the variance that may exist among the stakes she/he attaches to meeting each requirement. This paper introduces the basis, objectives and capabilities for the CSES including inputs/outputs as well as the structural and mathematical underpinnings.
Year
DOI
Venue
2009
10.1109/HICSS.2009.308
HICSS
Keywords
Field
DocType
economic uncertainty,increased outsourcing,stakeholder mission,information security,security controls,disruptive change,cyberspace security econometrics system,careful consideration,improved enterprise,healthy debate,business risk management,key performance indicators,collaborative style,performance indicator,computer network security,input output,cyber security,risk management,key performance indicator
Virtualization,Performance indicator,Business risks,Security controls,Stakeholder,Computer security,Computer science,Outsourcing,Knowledge management,Information security,Risk analysis (engineering),Cyberspace
Conference
Citations 
PageRank 
References 
18
1.51
12
Authors
3
Name
Order
Citations
PageRank
Frederick Sheldon18616.46
Robert K. Abercrombie211815.30
Ali Mili31067127.61