European University Institute Library

How to measure anything in cybersecurity risk, Douglas W. Hubbard, Richard Seiersen

Includes indexMachine generated contents note: Foreword Daniel E. Geer, Jr. ix Foreword Stuart McClure xi Acknowledgments xiii About the Authors xv Introduction 1 PART I WHY CYBERSECURITY NEEDS BETTER MEASUREMENTS FOR RISK 5 CHAPTER 1 The One Patch Most Needed in Cybersecurity 7 CHAPTER 2 A Measurement Primer for Cybersecurity 19 CHAPTER 3 Model Now!: An Introduction to Practical Quantitative Methods for Cybersecurity 35 CHAPTER 4 The Single Most Important Measurement in Cybersecurity 55 CHAPTER 5 Risk Matrices, Lie Factors, Misconceptions, and Other Obstacles to Measuring Risk 81 PART II EVOLVING THE MODEL OF CYBERSECURITY RISK 111 CHAPTER 6 Decompose It: Unpacking the Details 113 CHAPTER 7 Calibrated Estimates: How Much Do You Know Now? 133 CHAPTER 8 Reducing Uncertainty with Bayesian Methods 157 CHAPTER 9 Some Powerful Methods Based on Bayes 169 PART III CYBERSECURITY RISK MANAGEMENT FOR THE ENTERPRISE 197 CHAPTER 10 Toward Security Metrics Maturity 199 CHAPTER 11 How Well Are My Security Investments Working Together? 213 CHAPTER 12 A Call to Action: How to Roll Out Cybersecurity Risk Management 229 APPENDIX A Select Distributions 239 APPENDIX B Guest Contributors 247 Index 269

unknown

online

Use of this electronic resource may be governed by a license agreement which restricts use to the European University Institute community. Each user is responsible for limiting use to individual, non-commercial purposes, without systematically downloading, distributing, or retaining substantial portions of information, provided that all copyright and other proprietary notices contained on the materials are retained. The use of software, including scripts, agents, or robots, is generally prohibited and may result in the loss of access to these resources for the entire European University Institute community

9781119085294

1 online resource (xv, 280 pages.)

remote

(OCoLC)953458699