Enclave Security "A Leader in Data Protection Services"

• Home
• Auditing
• Services
• Blogs
• Resources
• About Us

Subscribe to This Feed

Recent Posts

• IT Security Highlights March 11 2010
• IT Security Highlights March 10 2010
• IT Security Highlights March 9 2010
• IT Security Highlights March 8 2010
• IT Security Highlights March 5 2010

Categories

• 20 Critical Controls
• 44th Presidency Cybersecurity efforts
• Acceptable Use
• Advanced Persistent Threat
• Assurance
• Audit
• Background Checks
• Checklists
• CISA
• Crime
• Cyber Warfare
• Cybercrime
• Data Leakage Protection (DLP)
• Data Theft
• DHS Infrastructure Reports
• Encryption
• Free Audit Checklists
• George Orwell’s Big Brother
• Green IT
• Health Information Technology
• HIPAA
• Information Security Awareness
• IPv6
• Kelli Tarala
• Legal & Privacy
• Malware
• Medical Identity Theft
• Microsoft Windows
• Policy
• Progressive Reforms
• Remote Code Execution
• Risk
• SANS Institute
• Secure Development Lifecycle (SDL)
• Sexting
• Sharpen the Saw
• Situational Awareness
• Social Contract
• Social Engineering
• Social Networking
• Tools
• Training
• Web 2.0
• Wireless
• Writing Secure Code

Attend an Event

Enclave on Twitter

Risk

Security Metrics and Risk, How valuable is that dashboard report?

Friday, March 27th, 2009

Information security risks are hard to quantify because they involve a lot of “what-if” and “it might happen.” Risks are basically Threats multiplied by Vulnerabilities multiplied by Consequences. Information Security departments use number driven performance dashboards to represent information security risks to a company, or to compliance.
What exactly are these reports saying?
Introducing a little Security [...]