Presentation is loading. Please wait.

Presentation is loading. Please wait.

Measuring Information Security Risk Metricon 1 1 August 2006 Bob Blakley

Published byOlivia Perkins Modified over 9 years ago

Similar presentations

Presentation on theme: "Measuring Information Security Risk Metricon 1 1 August 2006 Bob Blakley"— Presentation transcript:

1 Measuring Information Security Risk Metricon 1 1 August 2006 Bob Blakley blakley@burtongroup.com

2 Measurements are not Metrics Metrics are a system of parameters or ways of quantitative and periodic assessment of a process that is to be measured, along with the procedures to carry out such measurement and the procedures for the interpretation of the assessment in the light of previous or comparable assessments. - Wikipedia

3 Measuring Risk estimate probability and consequenceMitigate estimate log(probability) and consequence Mitigate & Recover estimate worst-case consequenceRecover estimate probability and consequenceMitigate ignore commonuncommonrare high impact low impact

4 If you can’t measure one thing, you might be able to measure two

5 Risk Correlates: Vital Signs It’s hard to make you sick without changing your pulse, temperature, or blood pressure.

6 Differential Diagnosis

Download ppt "Measuring Information Security Risk Metricon 1 1 August 2006 Bob Blakley"

Similar presentations

Risk Management Module 3D Canada Bridges Project Management Tools Risk Management - Module 3D 1.

Risk Management Module 3D Canada Bridges Project Management Tools Risk Management - Module 3D 1.
Chemtech Dispersion of Contaminants in the Ocean Authors : André Luiz Fadel - Mechanical Eng., M. Sc. / Petrobras João Tornovsky - Chemical Eng. / Chemtech.

Chemtech Dispersion of Contaminants in the Ocean Authors : André Luiz Fadel - Mechanical Eng., M. Sc. / Petrobras João Tornovsky - Chemical Eng. / Chemtech.
Engineering Diploma Level 2 Unit 7 Application of Maintenance Techniques in Engineering In this unit you will get involved with both maintenance procedures.

Engineering Diploma Level 2 Unit 7 Application of Maintenance Techniques in Engineering In this unit you will get involved with both maintenance procedures.
RISK ANALYSIS.  Almost all of the things that we do involve risk of some kind, but it can sometimes be challenging to identify risk, let alone to prepare.

RISK ANALYSIS.  Almost all of the things that we do involve risk of some kind, but it can sometimes be challenging to identify risk, let alone to prepare.
© Almerindo Graziano Information Security Metrics.

© Almerindo Graziano Information Security Metrics.
Federal department of environment, transport, energy and communications ETEC Federal Office for the Environment FOEN Risk Assessment on Pipelines: the.

Federal department of environment, transport, energy and communications ETEC Federal Office for the Environment FOEN Risk Assessment on Pipelines: the.
ICAO Aerodrome Safety Workshop Almaty, Kazakhstan – 18 to 22 November 2002 NON-CONFORMITIES AND EXEMPTIONS AERONAUTICAL STUDIES.

ICAO Aerodrome Safety Workshop Almaty, Kazakhstan – 18 to 22 November 2002 NON-CONFORMITIES AND EXEMPTIONS AERONAUTICAL STUDIES.
Note: See the text itself for full citations. Information Technology Project Management, Seventh Edition.

Note: See the text itself for full citations. Information Technology Project Management, Seventh Edition.
4-1 Chapter 4 Nurse Note Documentation Level 1 © 2012 The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill.

4-1 Chapter 4 Nurse Note Documentation Level 1 © 2012 The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill.
GTT Unit 8 Medical Detectives

GTT Unit 8 Medical Detectives
Session 2. Applied Regression -- Prof. Juran2 Outline for Session 2 More Simple Regression –Bottom Part of the Output Hypothesis Testing –Significance.

Session 2. Applied Regression -- Prof. Juran2 Outline for Session 2 More Simple Regression –Bottom Part of the Output Hypothesis Testing –Significance.
Environmentally Conscious Design & Manufacturing (ME592) Date: April 19, 2000 Slide:1 Environmentally Conscious Design & Manufacturing Class 19: Reuse.

Environmentally Conscious Design & Manufacturing (ME592) Date: April 19, 2000 Slide:1 Environmentally Conscious Design & Manufacturing Class 19: Reuse.
Shuttle Challenger Disaster Design Implications Homework 2 Steven Callahan Design Implications Homework 2 Steven Callahan.

Shuttle Challenger Disaster Design Implications Homework 2 Steven Callahan Design Implications Homework 2 Steven Callahan.
COSYSMO Risk/Confidence Estimation Prototype John Gaffney March 14, 2005.

COSYSMO Risk/Confidence Estimation Prototype John Gaffney March 14, 2005.
Review of the fundamental concepts of probability Exploratory data analysis: quantitative and graphical data description Estimation techniques, hypothesis.

Review of the fundamental concepts of probability Exploratory data analysis: quantitative and graphical data description Estimation techniques, hypothesis.
1.02 ANALYZE METHODS TO CORRECTLY MAINTAIN VETERINARY MEDICAL RECORDS VETERINARY MEDICAL RECORDS.

1.02 ANALYZE METHODS TO CORRECTLY MAINTAIN VETERINARY MEDICAL RECORDS VETERINARY MEDICAL RECORDS.
COMPGZ07 Project Management Presentations Graham Collins, UCL

COMPGZ07 Project Management Presentations Graham Collins, UCL
Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.

Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.
1 Selection bias and auditing policies on insurance claims Leuven, July 20, 2006 Jean Pinquet, Montserrat Guillén & Mercedes Ayuso.

1 Selection bias and auditing policies on insurance claims Leuven, July 20, 2006 Jean Pinquet, Montserrat Guillén & Mercedes Ayuso.
Lecture 32 Risk Management (Cont’d)

Lecture 32 Risk Management (Cont’d)

Similar presentations

Ads by Google