The Metrics Manifesto: Confronting Security with Data
Tentative Chinese title: 度量宣言:以數據面對安全挑戰 (The Metrics Manifesto: Confronting Security Challenges with Data)

Seiersen, Richard

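  • Publisher: Wiley
  • Publication date: 2022-05-10
  • List price: $1,610
  • VIP price: $1,530 (95% of list price)
  • Language: English
  • Pages: 320
  • Binding: Hardcover - also called cloth, retail trade, or trade
  • ISBN: 111951536X
  • ISBN-13: 9781119515364
  • Related category: Information security
  • Overseas special-order book (requires separate checkout)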

Product description

Security professionals are trained skeptics. They poke and prod at other people's digital creations, expecting them to fail in unexpected ways. Shouldn't that same skeptical power be turned inward? Shouldn't practitioners ask: "How do I know that my enterprise security capabilities work? Are they scaling, accelerating, or slowing as the business exposes more value to more people and through more channels at higher velocities?" This is the start of the modern measurement mindset--the mindset that seeks to confront security with data.

The Metrics Manifesto: Confronting Security with Data delivers an examination of security metrics with R, the popular open-source programming language and software development environment for statistical computing. This insightful and up-to-date guide offers readers a practical focus on applied measurement that can prove or disprove the efficacy of information security measures taken by a firm.

The book's detailed chapters combine topics like security, predictive analytics, and R programming to present an authoritative and innovative approach to security metrics. The author and security professional examines historical and modern methods of measurement with a particular emphasis on Bayesian Data Analysis to shed light on measuring security operations.

Readers will learn how processing data with R can help measure security improvements and changes as well as help technology security teams identify and fix gaps in security. The book also includes downloadable code for people who are new to the R programming language.

Perfect for security engineers, risk engineers, IT security managers, CISOs, and data scientists comfortable with a bit of code, The Metrics Manifesto offers readers an invaluable collection of information to help professionals prove the efficacy of security measures within their company.

About the author

RICHARD SEIERSEN is Chief Risk Officer at Resilience Insurance. He is a technology executive with 20 years of experience in information security and risk management. Seiersen has held CISO roles at Twilio, LendingClub, and GE Healthcare and was Co-Founder of Soluble, which was sold to Lacework in 2021. He's also an active security startup advisor and consulting faculty member with IANS on cybersecurity risk management.
