Cargando…
How to measure anything in cybersecurity risk /
A start-to-finish guide for realistically measuring cybersecurity risk In the newly revised How to Measure Anything in Cybersecurity Risk, Second Edition, a pioneering information security professional and a leader in quantitative analysis methods delivers yet another eye-opening text applying the q...
| Clasificación: | Libro Electrónico |
|---|---|
| Autores principales: | , |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Hoboken, New Jersey :
Wiley,
[2023]
|
| Edición: | Second edition. |
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a22000007i 4500 | ||
|---|---|---|---|
| 001 | OR_on1375438384 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr cnu---unuuu | ||
| 008 | 230412s2023 nju o 000 0 eng d | ||
| 040 | |a YDX |b eng |e rda |c YDX |d N$T |d YDX |d EBLCP |d GZM |d UKMGB |d TEF |d ORMDA |d OCLCO | ||
| 015 | |a GBC376704 |2 bnb | ||
| 016 | 7 | |a 021027124 |2 Uk | |
| 019 | |a 1375298579 | ||
| 020 | |a 9781119892311 |q (electronic book) | ||
| 020 | |a 1119892317 |q (electronic book) | ||
| 020 | |a 9781119892328 |q (electronic book) | ||
| 020 | |a 1119892325 |q (electronic book) | ||
| 020 | |a 9781119892335 |q (electronic book) | ||
| 020 | |a 1119892333 |q (electronic book) | ||
| 020 | |z 1119892309 | ||
| 020 | |z 9781119892304 | ||
| 024 | 7 | |a 10.1002/9781119892335 |2 doi | |
| 029 | 1 | |a UKMGB |b 021027124 | |
| 029 | 1 | |a AU@ |b 000074347080 | |
| 035 | |a (OCoLC)1375438384 |z (OCoLC)1375298579 | ||
| 037 | |a 9781119892311 |b Wiley, US | ||
| 037 | |a 9781119892304 |b O'Reilly Media | ||
| 050 | 4 | |a HV6773.15.C97 |b H835 2023eb | |
| 082 | 0 | 4 | |a 658.4/78 |2 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Hubbard, Douglas W., |d 1962- |e author. | |
| 245 | 1 | 0 | |a How to measure anything in cybersecurity risk / |c Douglas W. Hubbard, Richard Seiersen. |
| 250 | |a Second edition. | ||
| 264 | 1 | |a Hoboken, New Jersey : |b Wiley, |c [2023] | |
| 300 | |a 1 online resource | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 588 | |a Description based on online resource; title from digital title page (viewed on April 25, 2023). | ||
| 505 | 0 | |a Cover -- Title Page -- Copyright Page -- Contents -- Foreword for the Second Edition -- Acknowledgments -- Preface -- How to Measure Anything in Cybersecurity Risk -- Introduction -- Why We Chose This Topic -- What Is This Book About? -- We Need More Than Technology -- Part I Why Cybersecurity Needs Better Measurements for Risk -- Chapter 1 The One Patch Most Needed in Cybersecurity -- Insurance: A Canary in the Coal Mine -- The Global Attack Surface -- The Cyber Threat Response -- A Proposal for Cybersecurity Risk Management -- Notes -- Chapter 2 A Measurement Primer for Cybersecurity | |
| 505 | 8 | |a The Concept of Measurement -- A Taxonomy of Measurement Scales -- The Object of Measurement -- The Methods of Measurement -- Notes -- Chapter 3 The Rapid Risk Audit: Starting With a Simple Quantitative Risk Model -- The Setup and Terminology -- The Rapid Audit Steps -- Some Initial Sources of Data -- The Expert as the Instrument -- Supporting the Decision: Return on Controls -- Doing "Uncertainty Math" -- Visualizing Risk With a Loss Exceedance Curve -- Where to Go from Here -- Notes -- Chapter 4 The Single Most Important Measurement in Cybersecurity | |
| 505 | 8 | |a The Analysis Placebo: Why We Can't Trust Opinion Alone -- How You Have More Data than You Think -- When Algorithms Beat Experts -- Tools for Improving the Human Component -- Summary and Next Steps -- Notes -- Chapter 5 Risk Matrices, Lie Factors, Misconceptions, and Other Obstacles to Measuring Risk -- Scanning the Landscape: A Survey of Cybersecurity Professionals -- What Color Is Your Risk? The Ubiquitous-and Risky-Risk Matrix -- Exsupero Ursus and Other Fallacies -- Communication and Consensus Objections -- Conclusion -- Notes -- Part II Evolving the Model of Cybersecurity Risk | |
| 505 | 8 | |a Chapter 6 Decompose It: Unpacking the Details -- Decomposing the Simple One-for-One Substitution Model -- More Decomposition Guidelines: Clear, Observable, Useful -- A Hard Decomposition: Reputation Damage -- Conclusion -- Notes -- Chapter 7 Calibrated Estimates: How Much Do You Know Now? -- Introduction to Subjective Probability -- Calibration Exercise -- More Hints for Controlling Overconfidence -- Conceptual Obstacles to Calibration -- The Effects of Calibration -- Beyond Initial Calibration Training: More Methods for Improving Subjective Judgment -- Notes | |
| 505 | 8 | |a Answers to Trivia Questions for Calibration Exercise -- Chapter 8 Reducing Uncertainty with Bayesian Methods -- A Brief Introduction to Bayes and Probability Theory -- An Example from Little Data: Does Multifactor Authentication Work? -- Other Ways Bayes Applies -- Notes -- Chapter 9 Some Powerful Methods Based on Bayes -- Computing Frequencies with (Very) Few Data Points: The Beta Distribution -- Decomposing Probabilities with Many Conditions -- Reducing Uncertainty Further and When to Do It -- More Advanced Modeling Considerations -- Wrapping Up Bayes -- Notes | |
| 520 | |a A start-to-finish guide for realistically measuring cybersecurity risk In the newly revised How to Measure Anything in Cybersecurity Risk, Second Edition, a pioneering information security professional and a leader in quantitative analysis methods delivers yet another eye-opening text applying the quantitative language of risk analysis to cybersecurity. In the book, the authors demonstrate how to quantify uncertainty and shed light on how to measure seemingly intangible goals. It's a practical guide to improving risk assessment with a straightforward and simple framework. Advanced methods and detailed advice for a variety of use cases round out the book, which also includes: A new "Rapid Risk Audit" for a first quick quantitative risk assessment. New research on the real impact of reputation damage New Bayesian examples for assessing risk with little data New material on simple measurement and estimation, pseudo-random number generators, and advice on combining expert opinion Dispelling long-held beliefs and myths about information security, How to Measure Anything in Cybersecurity Risk is an essential roadmap for IT security managers, CFOs, risk and compliance professionals, and even statisticians looking for novel new ways to apply quantitative techniques to cybersecurity. | ||
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Cyberterrorism. | |
| 650 | 0 | |a Cyberspace |x Security measures. | |
| 650 | 0 | |a Risk management. | |
| 650 | 2 | |a Risk Management | |
| 650 | 6 | |a Cyberterrorisme. | |
| 650 | 6 | |a Gestion du risque. | |
| 650 | 7 | |a risk management. |2 aat | |
| 650 | 7 | |a BUSINESS & ECONOMICS |x Statistics. |2 bisacsh | |
| 650 | 7 | |a COMPUTERS |x Security |x General. |2 bisacsh | |
| 650 | 7 | |a Cyberspace |x Security measures |2 fast | |
| 650 | 7 | |a Cyberterrorism |2 fast | |
| 650 | 7 | |a Risk management |2 fast | |
| 650 | 7 | |a Cyberterrorism. |2 nli | |
| 650 | 7 | |a Cyberspace |x Security measures. |2 nli | |
| 650 | 7 | |a Risk management. |2 nli | |
| 700 | 1 | |a Seiersen, Richard, |d 1967- |e author. | |
| 776 | 0 | 8 | |i Print version: |z 1119892309 |z 9781119892304 |w (OCoLC)1302738859 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9781119892304/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 938 | |a YBP Library Services |b YANK |n 304816556 | ||
| 938 | |a EBSCOhost |b EBSC |n 3590054 | ||
| 938 | |a ProQuest Ebook Central |b EBLB |n EBL7234983 | ||
| 994 | |a 92 |b IZTAP | ||