Blogs about: Security Metrics

Featured Blog

The Future: Regulation is Futile - Market Forces Will Prevail (6 comments)

mcurphey wrote 2 months ago: 39,000 ft over yet another ocean …… I just watched an old Bill Joy talk from Ted 2006 via iTunes. Tw … more →

Tags: Information Security, Information Security Economics, long tail security, Microsoft, Open-Source, platforms, Royal Holloway ISG, Second-Life, Security 2.0

NIST Draft on Directions in Security Metrics Research

Jaime Raphael Licauco, CISSP, GSEC wrote 3 months ago: There’s a new draft for evaluation released by the NIST on Directions in Security Metrics Rese … more →

Tags: Metrics

NSA Posts Secrets to Writing Secure Code - Write at 38 LOC Per Day (5 comments)

mcurphey wrote 8 months ago: The National Security Agency has released a case study showing how to cost-effectively develop code … more →

Tags: Software development, software security, Open-Source, Information Security Economics

GRC - Why It's of LIMITED Interest to Me (5 comments)

mcurphey wrote 1 year ago: I wanted to post a “rah rah” message to Rich Mogul when he posted that GRC platforms Are … more →

Tags: Software development, Security industry, Compliance, Dashboards, long tail security, Information Security Economics, platforms, Security Platforms, Microsoft

Are you Sure you are Measuring Correctly? - Part I (2 comments)

cyberphob1a wrote 1 year ago: It’s been a while since I’ve last posted about the organizational side of security. My w … more →

Tags: Security, Isms, 27001, ISO, ISO 27001, Information Security, ISO 27004, 27004, Measuring

Metrics that Matter (1 comment)

mcurphey wrote 1 year ago: Ask a wine maker if climate change is real. This year there will be no organic wine from Burgundy. … more →

Tags: Living in France

Count What Counts (1 comment)

mcurphey wrote 1 year ago: Working at Microsoft can be hard. You have to force yourself to not get distracted by all the smart … more →

A Sneak Peek at Some Cool Software Security Tools (10 comments)

mcurphey wrote 1 year ago: My last blog leads me neatly on to the good stuff. Joining a new company is like a poker game. Th … more →

Tags: Software development, Security industry, PCI, software security, Compliance, regulation, Web Security, Dashboards, visualization

Marc Andreessen on Platforms

mcurphey wrote 1 year ago: Marc’s post here is well worth a read. Level 1 is what I call an “Access API”. Le … more →

Tags: Software development, Security 2.0, software security, Compliance, Dashboards, long tail security, Information Security Economics, Privacy

Security Data Visualization Book

mcurphey wrote 1 year ago: Just picked up from O’Reilly, a new book called Security Data Visualization. It looks to be ve … more →

This Metric Shows Behavioral Change

mcurphey wrote 1 year ago: A week ago I posted that Metrics Should Change Behavior and used what I think is a clever play on s … more →

Tags: Cool business, Security industry

Metrics Should Change Behaviour (6 comments)

mcurphey wrote 1 year ago: A British University studied 1,050 rock stars and concluded: European artists are twice as likely to … more →

Tags: Information Security Economics

The Security Genome - Understanding How People Find Security Bugs (6 comments)

mcurphey wrote 1 year ago: I think I may buy shares in Wired. I seem to plug it every month when I read articles of interest th … more →

Tags: Cool business, Information Security, Security industry, Software development, software security, visualization, Web Security

More Long Tail Security Thoughts (2 comments)

mcurphey wrote 1 year ago: Judging by the blog stats readers have been enjoying my Trends for Information Security an … more →

Tags: Cool business, Security industry, Compliance, Certification, Dashboards, Information Security, long tail security, Information Security Economics

The Long Tail of Information Security (Part 2) (4 comments)

mcurphey wrote 1 year ago: My last post The Long Tail of Information Security (Part 1) described why I think information secur … more →

Tags: ramblings, Cool business, Security industry, Speaking, PCI, Compliance, Certification, regulation, visualization

The Long Tail of Information Security (Part 1) (5 comments)

mcurphey wrote 1 year ago: I have just finished reading the Long Tail by Chris Anderson (editor of Wired). It is brillia … more →

Tags: Blogonomics, Certification, Compliance, Cool business, Information Security, PCI, ramblings, regulation, Security Blogs

Trends in Information Security (11 comments)

mcurphey wrote 1 year ago: I found myself thinking some “big sky” thoughts about trends in information securit … more →

Tags: Security industry, PCI, Compliance, Certification, regulation, Information Security

Information Security Metrics Dashboard Example - People Productivity (2 comments)

mcurphey wrote 1 year ago: I am in London with my friend Andreas Fuchsberger. He jokingly showed me his information security pe … more →

Information Security Metrics Dashboard

mcurphey wrote 2 years ago: http://www.enterprise-dashboard.com/2007/03/14/information-security-metrics-dashboard-a-rare-insider … more →

Tags: Security Blogs, Security industry

