Synopsis of Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission Value
Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with the goal of improved enterprise and business risk management. Economic uncertainty, intensivelycollaborative work styles, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation of a balanced approach. The Cyberspace Security Econometrics System (CSES) provides a measure of reliability,security and safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders interests in that requirement. For a given stakeholder, CSES reflects the variance that may exist among the stakes one attaches to meeting each requirement. This paper summarizes the basis,objectives and capabilities for the CSES including inputs/outputs as well as the structural underpinnings.
Robert K.Abercrombie Frederick T.Sheldon Ali Mili
Oak Ridge National Laboratory Oak Ridge, TN 37831-6418 USA College of Computing Sciences New Jersey Institute of Technology Newark, NJ 07102-1982 USA
国际会议
11th IEEE High Assurance Systems Engineering Symposium(HASE 2008)(第十一届IEEE高可信系统工程国际研讨会)
南京
英文
479-482
2008-12-03(万方平台首次上网日期,不代表论文的发表时间)