Synopsis of Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission Value
- ORNL
- New Jersey Institute of Technology
Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with the goal of improved enterprise and business risk management. Economic uncertainty, intensively collaborative work styles, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation of a balanced approach. The Cyberspace Security Econometrics System (CSES) provides a measure of reliability, security and safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders' interests in that requirement. For a given stakeholder, CSES reflects the variance that mayexist among the stakes one attaches to meeting each requirement. This paper summarizes the basis, objectives and capabilities for the CSES includinginputs/outputs as well as the structural underpinnings.
- Research Organization:
- Oak Ridge National Laboratory (ORNL), Oak Ridge, TN (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- AC05-00OR22725
- OSTI ID:
- 946765
- Resource Relation:
- Conference: Eleventh IEEE International Symposium on High Assurance Systems Engineering (HASE'08) - Nanjing, , China - 12/3/2008 12:00:00 AM-12/5/2008 12:00:00 AM, Nanjing (China), 3-5 Dec 2008
- Country of Publication:
- United States
- Language:
- English
Methodology for Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission
|
conference | January 2009 |
Developing a SSE-CMM-based security risk assessment process for patient-centered healthcare systems
|
conference | January 2008 |
Evaluating security controls based on key performance indicators and stakeholder mission
|
conference | January 2008 |
Distributed priority ranking of strategic preliminary requirements for management information systems in economic organizations
|
journal | September 2007 |
Sixth workshop on software quality
|
conference | January 2008 |
Value-based software engineering: a case study
|
journal | March 2003 |
Value-Based Software Engineering | book | January 2006 |
Measuring Reliability as a Mean Failure Cost
|
conference | November 2007 |
A case study on value-based requirements tracing
|
conference | January 2005 |
A value-based approach for understanding cost-benefit trade-offs during automated software traceability
|
conference | January 2005 |
Balanced Decision Making in Software Engineering--General Thoughts and a Concrete Example from Industry
|
conference | May 2007 |
A view of 20th and 21st century software engineering
|
conference | May 2006 |
Value-based software engineering
|
journal | March 2003 |
Designing an economic-driven evaluation framework for process-oriented software technologies
|
conference | May 2006 |
Financially informed requirements prioritization
|
conference | May 2005 |
Similar Records
Cyberspace Security Econometrics System (CSES) - U.S. Copyright TXu 1-901-039
Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission