PROF-403
Building Security
Models To Help
M k B iMake Business
Decisions
Dave Cullinane
Gordon Shevlin
Preston Wood
William Tang
04/29/09 | Session ID: PROF-403
Agenda
Establish a Security Framework
Obtain Security & Business MetricsObtain Security & Business Me...
Building Security
Models To Help
M k B iMake Business
Decisions
Dave Cullinane
Gordon Shevlin
Preston Wood
William Tang
04/29/09 | Session ID: PROF-403
Agenda
Establish a Security Framework
Obtain Security & Business MetricsObtain Security & Business Metrics
P S it R t I t t (ROI)Prove Security Return on Investment (ROI)
Develop Forward Looking Strategy & Models
1
“Apply” Slide
• After RSA, actions attendees should ‘apply’ back
at the office:at the office:
– Identify a function of Information Security that business and
security metrics can easily be gathered.
– Begin gathering business metrics such as cost, time, and effort
for a set amount of time (e.g. 3 or 6 months).
– Identify the root cause of issues or the most common cause of y
security issues.
– Implement a solution and track business metrics and results.
Measure ROI (remember that positive ROI isn’t the right answer– Measure ROI (remember that positive ROI isn t the right answer,
being able to calculate ROI in business is the real value).
– Leverage experience and information to develop a security
strategy and roadmap
2
strategy and roadmap.
本文档为【PROF-403】,请使用软件OFFICE或WPS软件打开。作品中的文字与图均可以修改和编辑,
图片更改请在作品中右键图片并更换,文字修改请直接点击文字进行修改,也可以新增和删除文档中的内容。
[版权声明] 本站所有资料为用户分享产生,若发现您的权利被侵害,请联系客服邮件isharekefu@iask.cn,我们尽快处理。
本作品所展示的图片、画像、字体、音乐的版权可能需版权方额外授权,请谨慎使用。
网站提供的党政主题相关内容(国旗、国徽、党徽..)目的在于配合国家政策宣传,仅限个人学习分享使用,禁止用于任何广告和商用目的。